diff --git a/.github/workflows/prepare-binaries.yml b/.github/workflows/prepare-binaries.yml
index 4c7a941..f554e6f 100644
--- a/.github/workflows/prepare-binaries.yml
+++ b/.github/workflows/prepare-binaries.yml
@@ -87,7 +87,7 @@ jobs:
       if: startsWith(github.ref, 'refs/tags/')
 
     - name: Upload Firmware Release Archive
-      uses: softprops/action-gh-release@v2
+      uses: softprops/action-gh-release@v3
       if: startsWith(github.ref, 'refs/tags/') && !endsWith(github.event.release.tag_name, '-signed')
       with:
         files: ReleaseFirmwareArchive/*
@@ -98,7 +98,7 @@ jobs:
       if: startsWith(github.ref, 'refs/tags/')
 
     - name: Upload Signed Release Archive
-      uses: softprops/action-gh-release@v2
+      uses: softprops/action-gh-release@v3
       if: startsWith(github.ref, 'refs/tags/') && endsWith(github.event.release.tag_name, '-signed')
       with:
         files: ReleaseSignedArtifacts/*
diff --git a/.github/workflows/validate-kek-updates.yml b/.github/workflows/validate-kek-updates.yml
index e1079cc..397eac0 100644
--- a/.github/workflows/validate-kek-updates.yml
+++ b/.github/workflows/validate-kek-updates.yml
@@ -199,7 +199,7 @@ jobs:
     - name: Comment on PR
       if: steps.changed-files.outputs.has_changes == 'true' && failure() && steps.app-token.outputs.token
       continue-on-error: true
-      uses: actions/github-script@v8
+      uses: actions/github-script@v9
       with:
         github-token: ${{ steps.app-token.outputs.token }}
         script: |
@@ -236,7 +236,7 @@ jobs:
     - name: Update PR Comment on Success
       if: steps.changed-files.outputs.has_changes == 'true' && success() && steps.app-token.outputs.token
       continue-on-error: true
-      uses: actions/github-script@v8
+      uses: actions/github-script@v9
       with:
         github-token: ${{ steps.app-token.outputs.token }}
         script: |