diff --git a/.github/workflows/axosyslog-image-test.yml b/.github/workflows/axosyslog-image-test.yml
index 0b53373b92..cf82f70f1c 100644
--- a/.github/workflows/axosyslog-image-test.yml
+++ b/.github/workflows/axosyslog-image-test.yml
@@ -63,3 +63,11 @@ jobs:
           export SYSLOG_NG_IMAGE="axosyslog:test"
           export SYSLOG_NG_VERSION="${{ needs.tarball.outputs.snapshot-version }}"
           docker/tests/smoke.sh
+
+      - name: Scan docker image on CVEs
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'axosyslog:test'
+          format: 'table'
+          exit-code: '1'
+          severity: 'CRITICAL,HIGH,MEDIUM,LOW'