diff --git a/.github/workflows/dast.yml b/.github/workflows/dast.yml
index 03e6246..a6964f7 100644
--- a/.github/workflows/dast.yml
+++ b/.github/workflows/dast.yml
@@ -17,7 +17,7 @@ jobs:
           timeout 30 bash -c 'until docker compose ps | grep -q "healthy"; do sleep 2; done'
 
       - name: ZAP Baseline Scan
-        uses: zaproxy/action-baseline@v0.12.0
+        uses: zaproxy/action-baseline@v0.15.0
         with:
           target: http://localhost:8080
           # Soft fail — 초기 도입 시 빌드 차단 없이 리포트만 생성