diff --git a/.github/workflows/actionlint.yaml b/.github/workflows/actionlint.yaml
index 2770fff8..09fbc9e9 100644
--- a/.github/workflows/actionlint.yaml
+++ b/.github/workflows/actionlint.yaml
@@ -43,7 +43,7 @@ jobs:
         runs-on: ubuntu-latest
         steps:
             -   name: "Harden Runner"
-                uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
+                uses: step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
                 with:
                     egress-policy: block
                     allowed-endpoints: >
diff --git a/.github/workflows/cibuild.yaml b/.github/workflows/cibuild.yaml
index e98e7771..4edea4c7 100644
--- a/.github/workflows/cibuild.yaml
+++ b/.github/workflows/cibuild.yaml
@@ -66,7 +66,7 @@ jobs:
         runs-on: ${{ matrix.os }}
         steps:
             -   name: Harden Runner
-                uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
+                uses: step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
                 with:
                     disable-sudo-and-containers: true
                     egress-policy: block
diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml
index 14685fc8..ca638e99 100644
--- a/.github/workflows/stale.yaml
+++ b/.github/workflows/stale.yaml
@@ -34,7 +34,7 @@ jobs:
         runs-on: 'ubuntu-latest'
         steps:
             -   name: Harden Runner
-                uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
+                uses: step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
                 with:
                     disable-sudo-and-containers: true
                     egress-policy: block