diff --git a/.github/workflows/reusable-vulnerability-scan.yml b/.github/workflows/reusable-vulnerability-scan.yml
index 229f1755..32a5e2a0 100644
--- a/.github/workflows/reusable-vulnerability-scan.yml
+++ b/.github/workflows/reusable-vulnerability-scan.yml
@@ -199,7 +199,7 @@ jobs:
 - name: Grype SBOM scan
 if: inputs.mode == 'docker' && inputs.generate_sbom
- uses: anchore/scan-action@869c549e657a088dc0441b08ce4fc0ecdac2bb65 # v5
+ uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2
 with:
 sbom: sbom.spdx.json
 fail-build: false