diff --git a/.github/workflows/mcp-catalog-sync.yaml b/.github/workflows/mcp-catalog-sync.yaml
index f0201a8d..f071c62c 100644
--- a/.github/workflows/mcp-catalog-sync.yaml
+++ b/.github/workflows/mcp-catalog-sync.yaml
@@ -829,7 +829,7 @@ jobs:
         if: steps.image.outputs.image_type == 'pypi'
         uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
         with:
-          python-version: "3.12"
+          python-version: "3.14"
 
       - name: Run pip-audit (PyPI packages)
         id: pip-audit
diff --git a/.github/workflows/security-gate.yaml b/.github/workflows/security-gate.yaml
index b7106420..e356163f 100644
--- a/.github/workflows/security-gate.yaml
+++ b/.github/workflows/security-gate.yaml
@@ -227,7 +227,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
         with:
-          python-version: "3.10"  # ensure-sops requires Python <3.11
+          python-version: "3.14"  # ensure-sops requires Python <3.11
 
       - name: Install ensure-sops
         run: |