diff --git a/.github/workflows/chainctl-image-diff.yaml b/.github/workflows/chainctl-image-diff.yaml
index b81e1fa..ac59351 100644
--- a/.github/workflows/chainctl-image-diff.yaml
+++ b/.github/workflows/chainctl-image-diff.yaml
@@ -50,7 +50,7 @@ jobs:
         identity: "326bcde5903252f3ae2fe01c691b5a50f7046b5d/10275f9d35604b8e"
 
     # Install grype. It's required by chainctl image diff.
-    - uses: anchore/scan-action/download-grype@3aaf50d765cfcceafa51d322ccb790e40f6cd8c5 # v6.1.0
+    - uses: anchore/scan-action/download-grype@7037fa011853d5a11690026fb85feee79f4c946c # v6.1.0
       id: download_grype
 
     # Install cosign. We'll use this to verify image signatures.
diff --git a/.github/workflows/grype-scan.yaml b/.github/workflows/grype-scan.yaml
index 7bb927d..3182143 100644
--- a/.github/workflows/grype-scan.yaml
+++ b/.github/workflows/grype-scan.yaml
@@ -28,7 +28,7 @@ jobs:
     - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
 
     # Install grype
-    - uses: anchore/scan-action/download-grype@3aaf50d765cfcceafa51d322ccb790e40f6cd8c5 # v6.1.0
+    - uses: anchore/scan-action/download-grype@7037fa011853d5a11690026fb85feee79f4c946c # v6.1.0
       id: download_grype
 
     # Run digestabot