diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 7d76acb..a73c45a 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -10,7 +10,7 @@ on:
 jobs:
   python-packaging:
     name: 🐍 Packaging
-    uses: cda-tum/mqt-workflows/.github/workflows/reusable-python-packaging.yml@v1.3.2
+    uses: cda-tum/mqt-workflows/.github/workflows/reusable-python-packaging.yml@v1.4.0
 
   deploy:
     if: github.event_name == 'release' && github.event.action == 'published'
@@ -31,7 +31,7 @@ jobs:
           path: dist
           merge-multiple: true
       - name: Generate artifact attestation for sdist and wheel(s)
-        uses: actions/attest-build-provenance@v1.4.2
+        uses: actions/attest-build-provenance@v1.4.3
         with:
           subject-path: "dist/*"
       - uses: pypa/gh-action-pypi-publish@release/v1
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9eee31c..6e92e68 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -14,13 +14,13 @@ concurrency:
 jobs:
   change-detection:
     name: 🔍 Change
-    uses: cda-tum/mqt-workflows/.github/workflows/reusable-change-detection.yml@v1.3.2
+    uses: cda-tum/mqt-workflows/.github/workflows/reusable-change-detection.yml@v1.4.0
 
   cpp-tests:
     name: 🇨‌ Test
     needs: change-detection
     if: fromJSON(needs.change-detection.outputs.run-cpp-tests)
-    uses: cda-tum/mqt-workflows/.github/workflows/reusable-cpp-ci.yml@v1.3.2
+    uses: cda-tum/mqt-workflows/.github/workflows/reusable-cpp-ci.yml@v1.4.0
     permissions:
       id-token: write # Explicitly allows the `id-token: write` permission for this job
     with:
@@ -33,7 +33,7 @@ jobs:
     name: 🇨‌ Lint
     needs: change-detection
     if: fromJSON(needs.change-detection.outputs.run-cpp-linter)
-    uses: cda-tum/mqt-workflows/.github/workflows/reusable-cpp-linter.yml@v1.3.2
+    uses: cda-tum/mqt-workflows/.github/workflows/reusable-cpp-linter.yml@v1.4.0
 
   python-tests:
     name: 🐍 Test
@@ -41,7 +41,7 @@ jobs:
     permissions:
       id-token: write # Explicitly allows the `id-token: write` permission for this job
     if: fromJSON(needs.change-detection.outputs.run-python-tests)
-    uses: cda-tum/mqt-workflows/.github/workflows/reusable-python-ci.yml@v1.3.2
+    uses: cda-tum/mqt-workflows/.github/workflows/reusable-python-ci.yml@v1.4.0
     with:
       skip-testing-latest-python: true
 
@@ -49,7 +49,7 @@ jobs:
     name: 📝 CodeQL
     needs: change-detection
     if: fromJSON(needs.change-detection.outputs.run-code-ql)
-    uses: cda-tum/mqt-workflows/.github/workflows/reusable-code-ql.yml@v1.3.2
+    uses: cda-tum/mqt-workflows/.github/workflows/reusable-code-ql.yml@v1.4.0
 
   required-checks-pass: # This job does nothing and is only used for branch protection
     name: 🚦 Check
diff --git a/.github/workflows/update-mqt-core.yml b/.github/workflows/update-mqt-core.yml
index f205976..1a6137a 100644
--- a/.github/workflows/update-mqt-core.yml
+++ b/.github/workflows/update-mqt-core.yml
@@ -21,6 +21,6 @@ concurrency:
 jobs:
   update-mqt-core:
     name: ⬆️ Update MQT Core
-    uses: cda-tum/mqt-workflows/.github/workflows/reusable-mqt-core-update.yml@v1.3.2
+    uses: cda-tum/mqt-workflows/.github/workflows/reusable-mqt-core-update.yml@v1.4.0
     with:
       update-to-head: ${{ github.event.inputs.update-to-head == 'true' }}