diff --git a/.github/workflows/maven-security.yml b/.github/workflows/maven-security.yml
index c644cda8..72b6c148 100644
--- a/.github/workflows/maven-security.yml
+++ b/.github/workflows/maven-security.yml
@@ -28,7 +28,7 @@ jobs:
             - name: Scan with OWASP
               run: mvn -B -Powasp compile dependency-check:check -pl '!report,!xoai-data-provider-tck'
             - name: Upload scan results as SARIF report to GitHub Security Tab
-              uses: github/codeql-action/upload-sarif@v3
+              uses: github/codeql-action/upload-sarif@v4
               if: always() # do not skip this step if OWASP fails the mvn build
               with:
                   sarif_file: target/dependency-check-report.sarif