diff --git a/docker/deployment/Dockerfile b/docker/deployment/Dockerfile
index d28facb326a..b00c19630c5 100644
--- a/docker/deployment/Dockerfile
+++ b/docker/deployment/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:24.04@sha256:186072bba1b2f436cbb91ef2567abca677337cfc786c86e107d25b7072feef0c
+FROM ubuntu:24.04@sha256:84e77dee7d1bc93fb029a45e3c6cb9d8aa4831ccfcc7103d36e876938d28895b
 
 RUN apt-get update && \
     apt-get install -y curl jq
diff --git a/docker/terraform/Dockerfile b/docker/terraform/Dockerfile
index a94bd462de9..62cd8032537 100644
--- a/docker/terraform/Dockerfile
+++ b/docker/terraform/Dockerfile
@@ -6,7 +6,7 @@ ARG TERRAFORM_VERSION
 WORKDIR /build/
 RUN GOBIN=$(pwd) go install github.com/hashicorp/terraform@v${TERRAFORM_VERSION}
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 
 COPY --from=GO_BUILD /build/terraform /usr/bin/terraform
 COPY entrypoint.bash /builder/entrypoint.bash
diff --git a/docker/worker-base/Dockerfile b/docker/worker-base/Dockerfile
index 9d09d8563b6..07a93802937 100644
--- a/docker/worker-base/Dockerfile
+++ b/docker/worker-base/Dockerfile
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM ubuntu:24.04@sha256:186072bba1b2f436cbb91ef2567abca677337cfc786c86e107d25b7072feef0c
+FROM ubuntu:24.04@sha256:84e77dee7d1bc93fb029a45e3c6cb9d8aa4831ccfcc7103d36e876938d28895b
 
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update && apt-get upgrade -y && \
diff --git a/gcp/website/Dockerfile b/gcp/website/Dockerfile
index 9696b43a3ca..b23dd943f88 100644
--- a/gcp/website/Dockerfile
+++ b/gcp/website/Dockerfile
@@ -1,5 +1,5 @@
 # Build the Javascript frontend
-FROM node:24.14@sha256:bb20cf73b3ad7212834ec48e2174cdcb5775f6550510a5336b842ae32741ce6c AS FRONTEND3_BUILD
+FROM node:24.14@sha256:80fc934952c8f1b2b4d39907af7211f8a9fff1a4c2cf673fb49099292c251cec AS FRONTEND3_BUILD
 WORKDIR /build/frontend3
 
 # Install dependencies first for better caching
diff --git a/vulnfeeds/cmd/combine-to-osv/Dockerfile b/vulnfeeds/cmd/combine-to-osv/Dockerfile
index c546a3ba4a8..ad3170ebb95 100644
--- a/vulnfeeds/cmd/combine-to-osv/Dockerfile
+++ b/vulnfeeds/cmd/combine-to-osv/Dockerfile
@@ -26,7 +26,7 @@ RUN go build -o combine-to-osv ./cmd/combine-to-osv/
 RUN go build -o download-cves ./cmd/mirrors/download-cves/
 
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 RUN apk --no-cache add jq
 
 WORKDIR /root/
diff --git a/vulnfeeds/cmd/converters/alpine/Dockerfile b/vulnfeeds/cmd/converters/alpine/Dockerfile
index 568b6001649..77d931ae133 100644
--- a/vulnfeeds/cmd/converters/alpine/Dockerfile
+++ b/vulnfeeds/cmd/converters/alpine/Dockerfile
@@ -25,7 +25,7 @@ COPY ./ /src/
 RUN go build -o alpine-osv ./cmd/converters/alpine/
 
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 
 WORKDIR /root/
 COPY --from=GO_BUILD /src/alpine-osv ./
diff --git a/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile
index be5185cb771..e6975b8a443 100644
--- a/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile
+++ b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile
@@ -25,7 +25,7 @@ RUN go mod download && go mod verify
 COPY ./ /src/
 RUN go build -o cve-bulk-converter ./cmd/converters/cve/cve5/bulk-converter/
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 RUN apk --no-cache add jq
 
 WORKDIR /root/
diff --git a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile
index a70ef962a7b..6e14384406d 100644
--- a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile
+++ b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile
@@ -22,7 +22,7 @@ RUN go mod download && go mod verify
 COPY . .
 RUN CGO_ENABLED=0 go build -v -o /usr/local/bin ./cmd/converters/cve/nvd-cve-osv ./cmd/mirrors/download-cves
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 RUN apk --no-cache add jq
 
 COPY --from=GO_BUILD /usr/local/bin/ ./usr/local/bin/
diff --git a/vulnfeeds/cmd/converters/debian/Dockerfile b/vulnfeeds/cmd/converters/debian/Dockerfile
index 72651e960e6..6101646f4b6 100644
--- a/vulnfeeds/cmd/converters/debian/Dockerfile
+++ b/vulnfeeds/cmd/converters/debian/Dockerfile
@@ -25,7 +25,7 @@ COPY ./ /src/
 RUN go build -o debian ./cmd/converters/debian/
 
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 
 WORKDIR /root/
 COPY --from=GO_BUILD /src/debian ./
diff --git a/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile b/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile
index 60110dcc8fe..30cffc67821 100644
--- a/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile
+++ b/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile
@@ -24,7 +24,7 @@ RUN go mod download
 COPY ./ /src/
 RUN CGO_ENABLED=0 go build -o cpe-repo-gen ./cmd/mirrors/cpe-repo-gen
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 
 RUN apk add --no-cache unzip
 
diff --git a/vulnfeeds/cmd/mirrors/debian-copyright-mirror/Dockerfile b/vulnfeeds/cmd/mirrors/debian-copyright-mirror/Dockerfile
index 5442e9bf14a..b2f9c53d86f 100644
--- a/vulnfeeds/cmd/mirrors/debian-copyright-mirror/Dockerfile
+++ b/vulnfeeds/cmd/mirrors/debian-copyright-mirror/Dockerfile
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 
 RUN apk add py3-yaml
 
diff --git a/vulnfeeds/cmd/mirrors/download-cves/Dockerfile b/vulnfeeds/cmd/mirrors/download-cves/Dockerfile
index 5a72b72dab9..789181c8f47 100644
--- a/vulnfeeds/cmd/mirrors/download-cves/Dockerfile
+++ b/vulnfeeds/cmd/mirrors/download-cves/Dockerfile
@@ -24,7 +24,7 @@ RUN go mod download
 COPY ./ /src/
 RUN go build -o download-cves ./cmd/mirrors/download-cves/
 
-FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:0b8e46240c0eb9d38f1af094f9adb73939b0ed26f0eb36b12d88ab1a33d54b33
+FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:3293540b35a930023e12066437a939a7ad6f27f01c6e65f52558534682f57ca5
 
 WORKDIR /usr/local/bin
 COPY --from=GO_BUILD /src/download-cves ./