diff --git a/.github/workflows/vuln-scans.yml b/.github/workflows/vuln-scans.yml
index a0b4e9d9e4..81ff694d5f 100644
--- a/.github/workflows/vuln-scans.yml
+++ b/.github/workflows/vuln-scans.yml
@@ -41,7 +41,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@v4
-      - uses: anchore/scan-action@v5
+      - uses: anchore/scan-action@v6
         with:
           severity-cutoff: "high"
           only-fixed: true
@@ -150,7 +150,7 @@ jobs:
           name: otelcol-${{ matrix.ARCH }}${{ matrix.FIPS == true && '-fips' || '' }}
           path: ./dist
       - run: docker load -i ./dist/image.tar
-      - uses: anchore/scan-action@v5
+      - uses: anchore/scan-action@v6
         with:
           severity-cutoff: "high"
           only-fixed: true
@@ -193,7 +193,7 @@ jobs:
           docker build -t otelcol-windows --pull --build-arg BASE_IMAGE=${base_image} --build-arg JMX_METRIC_GATHERER_RELEASE=$(Get-Content packaging\jmx-metric-gatherer-release.txt) -f .\cmd\otelcol\Dockerfile.windows .\cmd\otelcol\
           Remove-Item .\cmd\otelcol\otelcol.exe
           Remove-Item .\cmd\otelcol\agent-bundle_windows_amd64.zip
-      - uses: anchore/scan-action@v5
+      - uses: anchore/scan-action@v6
         with:
           severity-cutoff: "high"
           only-fixed: true
diff --git a/packaging/jmx-metric-gatherer-release.txt b/packaging/jmx-metric-gatherer-release.txt
index 067a092d53..51e6dd7837 100644
--- a/packaging/jmx-metric-gatherer-release.txt
+++ b/packaging/jmx-metric-gatherer-release.txt
@@ -1 +1 @@
-v1.41.0
+v1.42.0