From 8adb4f43adedce94f98877835c86cc7fec90b374 Mon Sep 17 00:00:00 2001
From: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
Date: Mon, 2 Mar 2026 09:54:34 +0100
Subject: [PATCH] chore: bump Trivy to 0.69.2 (#10210)
---
 .github/actions/trivy-scan/action.yml | 2 ++
 Dockerfile | 2 +-
 api/CHANGELOG.md | 1 +
 api/Dockerfile | 2 +-
 prowler/CHANGELOG.md | 1 +
 5 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/.github/actions/trivy-scan/action.yml b/.github/actions/trivy-scan/action.yml
index b6db4499bc..9360dd0953 100644
--- a/.github/actions/trivy-scan/action.yml
+++ b/.github/actions/trivy-scan/action.yml
@@ -63,6 +63,7 @@ runs:
 exit-code: '0'
 scanners: 'vuln'
 timeout: '5m'
+ version: 'v0.69.2'
 - name: Run Trivy vulnerability scan (SARIF)
 if: inputs.upload-sarif == 'true' && github.event_name == 'push'
@@ -75,6 +76,7 @@ runs:
 exit-code: '0'
 scanners: 'vuln'
 timeout: '5m'
+ version: 'v0.69.2'
 - name: Upload Trivy results to GitHub Security tab
 if: inputs.upload-sarif == 'true' && github.event_name == 'push'
diff --git a/Dockerfile b/Dockerfile
index 6819f4736b..60d72ad469 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,7 @@ LABEL org.opencontainers.image.source="https://github.com/prowler-cloud/prowler"
 ARG POWERSHELL_VERSION=7.5.0
 ENV POWERSHELL_VERSION=${POWERSHELL_VERSION}
-ARG TRIVY_VERSION=0.66.0
+ARG TRIVY_VERSION=0.69.2
 ENV TRIVY_VERSION=${TRIVY_VERSION}
 # hadolint ignore=DL3008
diff --git a/api/CHANGELOG.md b/api/CHANGELOG.md
index af9d745835..01415c07de 100644
--- a/api/CHANGELOG.md
+++ b/api/CHANGELOG.md
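Review bot: In `.github/actions/trivy-scan/action.yml` the new `version: 'v0.69.2'` literal is repeated in both scan steps (the hunks at -63 and -75) and must also match `ARG TRIVY_VERSION=0.69.2` in `Dockerfile` and `api/Dockerfile`, which use the same number without the `v` prefix; the 0.66.0 and 0.69.1 values this commit replaces show how easily those copies drift. Declaring it once as an action input, e.g. `trivy-version` with `default: 'v0.69.2'`, and passing `version: ${{ inputs.trivy-version }}` in both steps would leave a single place to bump. At minimum add a comment such as `# keep in sync with TRIVY_VERSION in Dockerfile and api/Dockerfile` next to the pin. Each step's `uses:` line is outside the hunks, so whether the scanning action itself is pinned to a commit SHA cannot be checked from here.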
@@ -31,6 +31,7 @@ All notable changes to the **Prowler API** are documented in this file.
 - Attack Paths: Add private labels and properties in Attack Paths graphs for avoiding future overlapping with Cartography's ones [(#10124)](https://github.com/prowler-cloud/prowler/pull/10124)
 - Attack Paths: Query endpoint executes them in read only mode [(#10140)](https://github.com/prowler-cloud/prowler/pull/10140)
 - Attack Paths: `Accept` header query endpoints also accepts `text/plain`, supporting compact plain-text format for LLM consumption [(#10162)](https://github.com/prowler-cloud/prowler/pull/10162)
+- Bump Trivy from 0.69.1 to 0.69.2 [(#10210)](https://github.com/prowler-cloud/prowler/pull/10210)
 ### 🐞 Fixed
diff --git a/api/Dockerfile b/api/Dockerfile
index 43abe7d82d..508bcae60e 100644
--- a/api/Dockerfile
+++ b/api/Dockerfile
@@ -5,7 +5,7 @@ LABEL maintainer="https://github.com/prowler-cloud/api"
 ARG POWERSHELL_VERSION=7.5.0
 ENV POWERSHELL_VERSION=${POWERSHELL_VERSION}
-ARG TRIVY_VERSION=0.69.1
+ARG TRIVY_VERSION=0.69.2
 ENV TRIVY_VERSION=${TRIVY_VERSION}
 # hadolint ignore=DL3008
diff --git a/prowler/CHANGELOG.md b/prowler/CHANGELOG.md
index 6d1184fd39..ecbb529770 100644
--- a/prowler/CHANGELOG.md
+++ b/prowler/CHANGELOG.md
@@ -58,6 +58,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
 - Update Azure Entra ID service metadata to new format [(#9619)](https://github.com/prowler-cloud/prowler/pull/9619)
 - Update Azure Virtual Machines service metadata to new format [(#9629)](https://github.com/prowler-cloud/prowler/pull/9629)
 - Cloudflare provider credential validation with specific exceptions [(#9910)](https://github.com/prowler-cloud/prowler/pull/9910)
+- Bump Trivy from 0.66.0 to 0.69.2 [(#10210)](https://github.com/prowler-cloud/prowler/pull/10210)
 ### 🐞 Fixed