diff --git a/.github/workflows/pr-build.yaml b/.github/workflows/pr-build.yaml
index ec6d9ce..7df9e75 100644
--- a/.github/workflows/pr-build.yaml
+++ b/.github/workflows/pr-build.yaml
@@ -125,7 +125,7 @@ jobs:
         run: |
           docker save --output ratelimit-controller-container.tar ratelimit-controller:latest
       - name: Upload image
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           name: ratelimit-controller-container
           path: ratelimit-controller-container.tar        
diff --git a/.github/workflows/report-on-vulnerabilities.yaml b/.github/workflows/report-on-vulnerabilities.yaml
index 0383a36..84509f2 100644
--- a/.github/workflows/report-on-vulnerabilities.yaml
+++ b/.github/workflows/report-on-vulnerabilities.yaml
@@ -43,7 +43,7 @@ jobs:
         fi
 
     - name: Upload vulnerability scan report
-      uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
       if: steps.parse-results.outputs.results == 'found'
       with:
         name: scan.json
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index 8f2d071..74ea2ce 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -33,7 +33,7 @@ jobs:
           publish_results: true
 
       - name: "Upload artifact"
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           name: SARIF file
           path: results.sarif