diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 6f3eb023..444f7e75 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -49,13 +49,13 @@ jobs:
           prerelease: ${{ inputs.prerelease }}
 
       - name: Generate SBOM
-        uses: anchore/sbom-action@e8d2a6937ecead383dfe75190d104edd1f9c5751 # v0.16.0
+        uses: anchore/sbom-action@95b086ac308035dc0850b3853be5b7ab108236a8 # v0.16.1
         with:
           artifact-name: sbom-${{ github.event.repository.name }}-${{ inputs.tag }}.spdx.json
           output-file: sbom-${{ github.event.repository.name }}-${{ inputs.tag }}.spdx.json
           upload-artifact-retention: 1
 
       - name: Publish SBOM
-        uses: anchore/sbom-action/publish-sbom@e8d2a6937ecead383dfe75190d104edd1f9c5751 # v0.16.0
+        uses: anchore/sbom-action/publish-sbom@95b086ac308035dc0850b3853be5b7ab108236a8 # v0.16.1
         with:
           sbom-artifact-match: ".*${{ inputs.tag }}.spdx\\.json"
diff --git a/.github/workflows/version-or-publish.yml b/.github/workflows/version-or-publish.yml
index 21944ddd..70f9afb6 100644
--- a/.github/workflows/version-or-publish.yml
+++ b/.github/workflows/version-or-publish.yml
@@ -68,7 +68,7 @@ jobs:
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
 
       - name: Generate SBOM
-        uses: anchore/sbom-action@e8d2a6937ecead383dfe75190d104edd1f9c5751
+        uses: anchore/sbom-action@95b086ac308035dc0850b3853be5b7ab108236a8
         with:
           artifact-name: sbom-${{ github.event.repository.name }}-${{ inputs.version_tag }}.spdx.json
           output-file: sbom-${{ github.event.repository.name }}-${{ inputs.version_tag }}.spdx.json