diff --git a/.github/workflows/authors.yml b/.github/workflows/authors.yml
index 633d4b73ec04..6a07610d55d2 100644
--- a/.github/workflows/authors.yml
+++ b/.github/workflows/authors.yml
@@ -41,7 +41,7 @@ jobs:
       - run: echo ${{ github.event.number }} > new-authors/pr-number.txt
       - run: ls -l
       - name: Upload new authors
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
         with:
           name: new-authors
           path: new-authors
diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml
index 42f6d79a977d..96bb4725ee03 100644
--- a/.github/workflows/builds.yml
+++ b/.github/workflows/builds.yml
@@ -138,7 +138,7 @@ jobs:
           cd ..
           tar zcf suricata-verify.tar.gz suricata-verify
       - name: Uploading prep archive
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
         with:
           name: prep
           path: |
@@ -165,7 +165,7 @@ jobs:
           cargo install --target x86_64-unknown-linux-musl --debug cbindgen
           cp $HOME/.cargo/bin/cbindgen .
       - name: Uploading prep archive
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
         with:
           name: cbindgen
           path: .
@@ -2254,7 +2254,7 @@ jobs:
         run: |
           mkdir dist
           mv suricata-*.tar.gz dist
-      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+      - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
         name: Uploading distribution
         with:
           name: dist
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index 5ebcb6d1cf56..e9c7bcc659ad 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -32,7 +32,7 @@ jobs:
        dry-run: false
        sanitizer: ${{ matrix.sanitizer }}
    - name: Upload Crash
-     uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+     uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
      if: failure()
      with:
        name: ${{ matrix.sanitizer }}-artifacts
diff --git a/.github/workflows/commits.yml b/.github/workflows/commits.yml
index 7d1d87350bf8..036bd3adceb8 100644
--- a/.github/workflows/commits.yml
+++ b/.github/workflows/commits.yml
@@ -97,7 +97,7 @@ jobs:
               make -ik distclean > /dev/null
           done
       - run: sccache -s
-      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+      - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
         name: Uploading build log
         if: always()
         with:
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index 1174246cab0f..237e6d9a6adc 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -43,7 +43,7 @@ jobs:
       # https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts
       # Optional.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.1.2
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.1.2
         with:
           name: SARIF file
           path: results.sarif