diff --git a/.github/workflows/pr-lint.yml b/.github/workflows/pr-lint.yml
index cc21bb9..51d1209 100644
--- a/.github/workflows/pr-lint.yml
+++ b/.github/workflows/pr-lint.yml
@@ -74,7 +74,7 @@ jobs:
 
       - name: Upload SARIF Report
         if: always() && hashFiles('megalinter-reports/sarif/*.sarif')
-        uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
         with:
           sarif_file: megalinter-reports/sarif
           category: megalinter
diff --git a/.github/workflows/test-actions.yml b/.github/workflows/test-actions.yml
index 4775dcf..815bb90 100644
--- a/.github/workflows/test-actions.yml
+++ b/.github/workflows/test-actions.yml
@@ -73,7 +73,7 @@ jobs:
         if: always()
 
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
         if: always() && hashFiles('_tests/reports/test-results.sarif') != ''
         with:
           sarif_file: _tests/reports/test-results.sarif
diff --git a/ansible-lint-fix/action.yml b/ansible-lint-fix/action.yml
index c3bcccf..2794cc6 100644
--- a/ansible-lint-fix/action.yml
+++ b/ansible-lint-fix/action.yml
@@ -130,6 +130,6 @@ runs:
 
     - name: Upload SARIF Report
       if: steps.check-files.outputs.files_found == 'true'
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: ansible-lint.sarif
diff --git a/biome-lint/action.yml b/biome-lint/action.yml
index 5389f67..3d87d0b 100644
--- a/biome-lint/action.yml
+++ b/biome-lint/action.yml
@@ -331,7 +331,7 @@ runs:
 
     - name: Upload SARIF Report
       if: inputs.mode == 'check' && always()
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: biome-report.sarif
 
diff --git a/codeql-analysis/action.yml b/codeql-analysis/action.yml
index cd5dd13..b84cc14 100644
--- a/codeql-analysis/action.yml
+++ b/codeql-analysis/action.yml
@@ -186,7 +186,7 @@ runs:
         echo "Using build mode: $build_mode"
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         languages: ${{ inputs.language }}
         queries: ${{ inputs.queries }}
@@ -199,12 +199,12 @@ runs:
         threads: ${{ inputs.threads }}
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/autobuild@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       if: ${{ steps.set-build-mode.outputs.build-mode == 'autobuild' }}
 
     - name: Perform CodeQL Analysis
       id: analysis
-      uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         category: ${{ steps.set-category.outputs.category }}
         upload: ${{ inputs.upload-results }}
diff --git a/csharp-lint-check/action.yml b/csharp-lint-check/action.yml
index 967a93d..e57052f 100644
--- a/csharp-lint-check/action.yml
+++ b/csharp-lint-check/action.yml
@@ -206,6 +206,6 @@ runs:
         fi
 
     - name: Upload SARIF Report
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: dotnet-format.sarif
diff --git a/eslint-lint/action.yml b/eslint-lint/action.yml
index b6fbc70..7947d7f 100644
--- a/eslint-lint/action.yml
+++ b/eslint-lint/action.yml
@@ -457,7 +457,7 @@ runs:
 
     - name: Upload SARIF Report
       if: inputs.mode == 'check' && inputs.report-format == 'sarif' && always()
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: ${{ inputs.working-directory }}/eslint-results.sarif
 
diff --git a/go-lint/action.yml b/go-lint/action.yml
index 9d5358d..07acf45 100644
--- a/go-lint/action.yml
+++ b/go-lint/action.yml
@@ -414,7 +414,7 @@ runs:
 
     - name: Upload Lint Results
       if: always() && inputs.report-format == 'sarif'
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: ${{ inputs.working-directory }}/reports/golangci-lint.sarif
         category: golangci-lint
diff --git a/python-lint-fix/action.yml b/python-lint-fix/action.yml
index eb590f4..e7101f6 100644
--- a/python-lint-fix/action.yml
+++ b/python-lint-fix/action.yml
@@ -370,7 +370,7 @@ runs:
 
     - name: Upload SARIF Report
       if: steps.check-files.outputs.result == 'found'
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: ${{ inputs.working-directory }}/reports/flake8.sarif
         category: 'python-lint'
diff --git a/security-scan/action.yml b/security-scan/action.yml
index fa09aa3..172552a 100644
--- a/security-scan/action.yml
+++ b/security-scan/action.yml
@@ -161,14 +161,14 @@ runs:
 
     - name: Upload Trivy results
       if: steps.verify-sarif.outputs.has_trivy == 'true'
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: 'trivy-results.sarif'
         category: 'trivy'
 
     - name: Upload Gitleaks results
       if: steps.verify-sarif.outputs.has_gitleaks == 'true'
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: 'gitleaks-report.sarif'
         category: 'gitleaks'
diff --git a/terraform-lint-fix/action.yml b/terraform-lint-fix/action.yml
index 8e34dbf..83dbfe2 100644
--- a/terraform-lint-fix/action.yml
+++ b/terraform-lint-fix/action.yml
@@ -256,7 +256,7 @@ runs:
 
     - name: Upload SARIF Report
       if: steps.check-files.outputs.found == 'true' && inputs.format == 'sarif'
-      uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+      uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
       with:
         sarif_file: ${{ env.VALIDATED_WORKING_DIR }}/reports/tflint.sarif
         category: terraform-lint