diff --git a/.github/workflows/build-and-publish-secdb.yaml b/.github/workflows/build-and-publish-secdb.yaml
index 5d2f7942b..f8ae094e8 100644
--- a/.github/workflows/build-and-publish-secdb.yaml
+++ b/.github/workflows/build-and-publish-secdb.yaml
@@ -36,7 +36,7 @@ jobs:
           gcloud --quiet alpha storage ls
 
       - name: Build the security database
-        uses: docker://ghcr.io/wolfi-dev/sdk:latest@sha256:70d2cc25253f3597fec405a17953c28e4b8faefc2813f6649a59ef6d7b8e3493
+        uses: docker://ghcr.io/wolfi-dev/sdk:latest@sha256:a5e262b68ecdda09cba58e4d8fa08453e2bdbc2a3d48c6f362f1b3990c9265af
         with:
           entrypoint: wolfictl
           args: "advisory secdb --advisories-repo-dir . --arch x86_64 --arch aarch64 -o security.json"
diff --git a/.github/workflows/build-and-publish-yaml.yaml b/.github/workflows/build-and-publish-yaml.yaml
index 29c9a437f..819fb2aba 100644
--- a/.github/workflows/build-and-publish-yaml.yaml
+++ b/.github/workflows/build-and-publish-yaml.yaml
@@ -36,7 +36,7 @@ jobs:
           gcloud --quiet alpha storage ls
 
       - name: Build the YAML database
-        uses: docker://ghcr.io/wolfi-dev/sdk:latest@sha256:70d2cc25253f3597fec405a17953c28e4b8faefc2813f6649a59ef6d7b8e3493
+        uses: docker://ghcr.io/wolfi-dev/sdk:latest@sha256:a5e262b68ecdda09cba58e4d8fa08453e2bdbc2a3d48c6f362f1b3990c9265af
         with:
           entrypoint: wolfictl
           args: "advisory export --advisories-repo-dir . --format yaml -o advisories.yaml"
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index 42dd39167..de818f068 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -21,7 +21,7 @@ jobs:
 
     - name: Check YAML formatting
       id: lint-yaml
-      uses: docker://ghcr.io/wolfi-dev/sdk:latest@sha256:70d2cc25253f3597fec405a17953c28e4b8faefc2813f6649a59ef6d7b8e3493
+      uses: docker://ghcr.io/wolfi-dev/sdk:latest@sha256:a5e262b68ecdda09cba58e4d8fa08453e2bdbc2a3d48c6f362f1b3990c9265af
       with:
         entrypoint: wolfictl
         args: lint yam
diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml
index 38b45f678..0424bf18c 100644
--- a/.github/workflows/validate.yaml
+++ b/.github/workflows/validate.yaml
@@ -12,7 +12,7 @@ jobs:
     name: Validate
     runs-on: ubuntu-latest
     container:
-      image: docker://ghcr.io/wolfi-dev/sdk:latest@sha256:70d2cc25253f3597fec405a17953c28e4b8faefc2813f6649a59ef6d7b8e3493
+      image: docker://ghcr.io/wolfi-dev/sdk:latest@sha256:a5e262b68ecdda09cba58e4d8fa08453e2bdbc2a3d48c6f362f1b3990c9265af
 
     permissions:
       contents: read