diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 74a4f33..24baa3e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -114,7 +114,7 @@ jobs:
         continue-on-error: true
 
     - name: Upload security reports
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       if: always()
       with:
         name: security-reports
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 9871955..2a92874 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -54,7 +54,7 @@ jobs:
       run: twine check dist/*
 
     - name: Upload build artifacts
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: dist
         path: dist/
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index d415a8a..21c8403 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -68,7 +68,7 @@ jobs:
         pip-audit
 
     - name: Upload vulnerability reports
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       if: always()
       with:
         name: vulnerability-reports
@@ -119,7 +119,7 @@ jobs:
         semgrep --config=p/python --config=p/security-audit --config=p/secrets git_safe/
 
     - name: Upload crypto analysis reports
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       if: always()
       with:
         name: crypto-analysis-reports