diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 5c2fcc8..a5487dd 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -28,7 +28,7 @@ jobs:
       - name: Install dependencies
         run: brew install popt
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+        uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
         with:
           languages: cpp
           queries: security-and-quality
@@ -38,4 +38,4 @@ jobs:
           cmake -S . -B build -D CMAKE_OSX_ARCHITECTURES=arm64
           cmake --build build
       - name: Perform CodeQL analysis
-        uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+        uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index b709321..7e4757e 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -20,7 +20,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
       - name: Dependency review
-        uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
+        uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5
         with:
           comment-summary-in-pr: true
           fail-on-severity: low
diff --git a/.github/workflows/markdown-links.yml b/.github/workflows/markdown-links.yml
index bd8e498..e864e91 100644
--- a/.github/workflows/markdown-links.yml
+++ b/.github/workflows/markdown-links.yml
@@ -22,7 +22,7 @@ jobs:
           egress-policy: audit
       - name: Check links in modified Markdown files
         if: github.event_name == 'pull_request'
-        uses: umbrelladocs/action-linkspector@04615112d3a3fa32c5d2f08feb9c34715571116a # v1.2.3
+        uses: umbrelladocs/action-linkspector@fc382e19892aca958e189954912fe379a8df270c # v1.2.4
         with:
           fail_on_error: true
           filter_mode: file
diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml
index 1264b09..95d5fdc 100644
--- a/.github/workflows/openssf-scorecard.yml
+++ b/.github/workflows/openssf-scorecard.yml
@@ -37,6 +37,6 @@ jobs:
           path: results.sarif
           retention-days: 5
       - name: Upload to code scanning dashboard
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+        uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
         with:
           sarif_file: results.sarif