diff --git a/.github/workflows/security-pr.yml b/.github/workflows/security-pr.yml
index 9e437251..c695d0af 100644
--- a/.github/workflows/security-pr.yml
+++ b/.github/workflows/security-pr.yml
@@ -385,7 +385,7 @@ jobs:
       - name: Upload Trivy SARIF to GitHub Security
         if: always() && steps.trivy-sarif-check.outputs.exists == 'true'
         # github/codeql-action v4
-        uses: github/codeql-action/upload-sarif@1dbebad653b49a8cce7da97e33aa7a9e33a82651
+        uses: github/codeql-action/upload-sarif@e3200e331bf51e47d45a8a5645d2a125c8a8a643
         with:
           sarif_file: 'trivy-binary-results.sarif'
           category: ${{ steps.pr-info.outputs.is_push == 'true' && format('security-scan-{0}', github.event_name == 'workflow_run' && github.event.workflow_run.head_branch || github.ref_name) || format('security-scan-pr-{0}', steps.pr-info.outputs.pr_number) }}
diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index c0d86119..945d1c0f 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -48,7 +48,7 @@
         "@typescript-eslint/eslint-plugin": "^8.57.0",
         "@typescript-eslint/parser": "^8.57.0",
         "@typescript-eslint/utils": "^8.57.0",
-        "@vitejs/plugin-react": "^6.0.0",
+        "@vitejs/plugin-react": "^6.0.1",
         "@vitest/coverage-istanbul": "^4.1.0",
         "@vitest/coverage-v8": "^4.1.0",
         "@vitest/eslint-plugin": "^1.6.11",
diff --git a/frontend/package.json b/frontend/package.json
index 9ea8ea47..abc213fd 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -67,7 +67,7 @@
     "@typescript-eslint/eslint-plugin": "^8.57.0",
     "@typescript-eslint/parser": "^8.57.0",
     "@typescript-eslint/utils": "^8.57.0",
-    "@vitejs/plugin-react": "^6.0.0",
+    "@vitejs/plugin-react": "^6.0.1",
     "@vitest/coverage-istanbul": "^4.1.0",
     "@vitest/coverage-v8": "^4.1.0",
     "@vitest/eslint-plugin": "^1.6.11",