diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
index 9998d91..5928978 100644
--- a/.github/workflows/sbom.yml
+++ b/.github/workflows/sbom.yml
@@ -35,7 +35,7 @@ jobs:
 - name: Install cyclonedx-bom
 # Pinned so the SBOM tool itself is reproducible across releases. Bump in lockstep
 # with a deliberate test run; do not auto-upgrade. (Reviewer MAJOR-4)
- run: python -m pip install --upgrade pip "cyclonedx-bom==6.1.4"
+ run: python -m pip install --upgrade pip "cyclonedx-bom==7.3.0"
 - name: Compile pinned requirements from pyproject.toml
 run: uv pip compile pyproject.toml -o requirements.txt
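Review bot: The changed `run:` line pins only the top-level package, so the install is not as reproducible as the comment above it intends: `--upgrade pip` still floats, and the transitive dependencies of cyclonedx-bom resolve to whatever is current when the job runs. Consider installing the tool from a hash-locked requirements file, e.g. `run: python -m pip install --require-hashes -r <sbom-tool-requirements.txt>` (placeholder path), which can be produced with `uv pip compile --generate-hashes` in the same way the next step compiles the project's requirements. Because this is a major-version jump (6.x to 7.x), it is also worth recording in the PR that the SBOM-generation step, which lies outside this hunk, was run against the new version and its output checked.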