diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 445b654d..06954447 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -20,7 +20,7 @@ env:
   CDXGEN_PLUGINS_VERSION: '1.8.0'
   GRYPE_VERSION: 'v0.104.2'
   SBOMQS_VERSION: 'v2.0.2'
-  DEPSCAN_VERSION: 'v5.5.0'
+  DEPSCAN_VERSION: 'v6.0.0'
   NYDUS_VERSION: '2.3.9'
   SWIFT_VERSION: '6.2.3'
   semantic_version: '19.0.5'
diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index a76f1282..f8c1c4e0 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -13,7 +13,7 @@ env:
   CDXGEN_PLUGINS_VERSION: '1.8.0'
   GRYPE_VERSION: 'v0.104.2'
   SBOMQS_VERSION: 'v2.0.2'
-  DEPSCAN_VERSION: 'v5.5.0'
+  DEPSCAN_VERSION: 'v6.0.0'
   NYDUS_VERSION: '2.3.9'
   java_version: '25'
   node_version: '21'
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile
index 09312207..e4f39467 100644
--- a/src/main/docker/Dockerfile
+++ b/src/main/docker/Dockerfile
@@ -104,7 +104,7 @@ RUN \
     rm -rf nydus.tgz nydus-static
 
 # install depscan
-RUN pip install -q owasp-depscan==${DEPSCAN_VERSION}
+RUN pip install -q owasp-depscan==${DEPSCAN_VERSION#v}
 
 # install sdkman
 COPY --chown=root:root --chmod=a-w src/main/docker/assets/curlrc /root/.curlrc