diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 091eb9d..9b3222e 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -80,7 +80,7 @@ jobs:
           distribution: 'temurin'
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: java
 
@@ -88,7 +88,7 @@ jobs:
         run: ./mvnw compile -B -pl wamr4j,wamr4j-jni,wamr4j-panama -P skip-native -DskipTests -am
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
 
   # Secret scanning
   secret-scan: