diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
index a776fdfb1..9b550cb05 100644
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -30,16 +30,13 @@ jobs:
export DOCKER_DEFAULT_PLATFORM='linux/arm64'
make build-docker-image
- - name: Run Trivy vulnerability scanner image (linux/arm64)
- uses: aquasecurity/trivy-action@0.32.0
+ - name: Run Snyk vulnerability scanner image (linux/arm64)
+ uses: snyk/actions/docker@master
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
- image-ref: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-arm64'
- format: 'table'
- exit-code: '1'
- ignore-unfixed: true
- vuln-type: 'os,library'
- severity: 'CRITICAL,HIGH'
- version: 'v0.57.1'
+ image: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-arm64'
+ args: --platform=linux/arm64 --severity-threshold=high --exclude-base-image-vulns --file=./build/postgres-operator/Dockerfile -fail-on=upgradable
- name: Build an image from Dockerfile (linux/amd64)
run: |
@@ -49,13 +46,11 @@ jobs:
export DOCKER_DEFAULT_PLATFORM='linux/amd64'
make build-docker-image
- - name: Run Trivy vulnerability scanner image (linux/amd64)
- uses: aquasecurity/trivy-action@0.32.0
+ - name: Run Snyk vulnerability scanner image (linux/amd64)
+ uses: snyk/actions/docker@master
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
- image-ref: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-amd64'
- format: 'table'
- exit-code: '1'
- ignore-unfixed: true
- vuln-type: 'os,library'
- severity: 'CRITICAL,HIGH'
- version: 'v0.57.1'
+ image: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-amd64'
+ args: --platform=linux/amd64 --severity-threshold=high --exclude-base-image-vulns --file=./build/postgres-operator/Dockerfile -fail-on=upgradable
+
diff --git a/build/postgres-operator/Dockerfile b/build/postgres-operator/Dockerfile
index f39296f8a..4ab66f372 100644
--- a/build/postgres-operator/Dockerfile
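Review bot: The new `args:` value in both hunks (@@ -30 and @@ -49) ends with `-fail-on=upgradable` using a single dash, whereas every other option on the line is a `--long` flag; unless the Snyk CLI accepts the short form, this is either rejected (breaking the step) or ignored (the gate then fails on non-upgradable findings too, unlike the old `ignore-unfixed: true`), so it should read `--fail-on=upgradable`. The scanner also moves from a pinned release (`aquasecurity/trivy-action@0.32.0` with `version: 'v0.57.1'`) to `uses: snyk/actions/docker@master`, a mutable branch ref, so the code that receives `SNYK_TOKEN` and the built image can change without any diff in this repository; pin it to a release tag or, better, a full commit SHA. `--exclude-base-image-vulns` silences findings in the UBI base layer that the removed Trivy step (`vuln-type: 'os,library'`) did report, which deserves an inline comment such as `# base-image CVEs are excluded here; they are tracked via the UBI base image updates` so the narrowed coverage is deliberate rather than accidental. The second hunk additionally appends a trailing blank line (`+` at the end of the file), which yamllint flags.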
+++ b/build/postgres-operator/Dockerfile
@@ -45,7 +45,7 @@ RUN mkdir -p build/_output/bin \
RUN ./bin/license_aggregator.sh ./cmd/...; \
cp -r ./licenses /licenses
-FROM registry.access.redhat.com/ubi9/ubi-minimal AS ubi9
+FROM registry.access.redhat.com/ubi10/ubi-minimal AS ubi10
RUN microdnf update -y && microdnf clean all -y
LABEL name="Percona Postgres Operator" \
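Review bot: `FROM registry.access.redhat.com/ubi10/ubi-minimal AS ubi10` pulls a floating tag, so the base layer (and whatever `microdnf update -y` on the following line resolves) differs from build to build and the Snyk result produced by the scan workflow is not reproducible for a given commit; pin the reference by digest, e.g. `FROM registry.access.redhat.com/ubi10/ubi-minimal@sha256:<digest-placeholder> AS ubi10`, and let a bot bump it. The stage alias also changes from `ubi9` to `ubi10`; if any `COPY --from=ubi9` or other reference to the old alias exists in the part of this Dockerfile outside the hunk, it must be updated in the same commit or the build fails. The rest of the Dockerfile is not visible here, so that is inferred rather than confirmed.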