diff --git a/poetry.lock b/poetry.lock
index ad35583f01f5..31a0e1fca42c 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -61,13 +61,13 @@ pycodestyle = ">=2.12.0"
 
 [[package]]
 name = "bandit"
-version = "1.9.3"
+version = "1.9.4"
 description = "Security oriented static analyser for python code."
 optional = false
 python-versions = ">=3.10"
 files = [
-    {file = "bandit-1.9.3-py3-none-any.whl", hash = "sha256:4745917c88d2246def79748bde5e08b9d5e9b92f877863d43fab70cd8814ce6a"},
-    {file = "bandit-1.9.3.tar.gz", hash = "sha256:ade4b9b7786f89ef6fc7344a52b34558caec5da74cb90373aed01de88472f774"},
+    {file = "bandit-1.9.4-py3-none-any.whl", hash = "sha256:f89ffa663767f5a0585ea075f01020207e966a9c0f2b9ef56a57c7963a3f6f8e"},
+    {file = "bandit-1.9.4.tar.gz", hash = "sha256:b589e5de2afe70bd4d53fa0c1da6199f4085af666fde00e8a034f152a52cd628"},
 ]
 
 [package.dependencies]
@@ -1691,4 +1691,4 @@ zstd = ["backports-zstd (>=1.0.0)"]
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.11, <3.14"
-content-hash = "55aaf9ddcdc493bd06b8d82392410781690826b337828beea89d8f0635aab9d0"
+content-hash = "ee522cf75d95b31700077dcc54b7ef81cb61330a8bf9bffebeebcea939a13e3f"
diff --git a/pyproject.toml b/pyproject.toml
index 45bcdd030ec3..0d89c514f4ff 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -23,7 +23,7 @@ autopep8 = "2.3.2"
 pylint = "4.0.5"
 flake8 = "7.3.0"
 black = "26.1.0"
-bandit = "1.9.3"
+bandit = "1.9.4"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]