diff --git a/matrix-meetings-bot/Dockerfile b/matrix-meetings-bot/Dockerfile
index a7ec9b47..753e0d40 100644
--- a/matrix-meetings-bot/Dockerfile
+++ b/matrix-meetings-bot/Dockerfile
@@ -9,6 +9,10 @@ RUN yarn install --production --frozen-lockfile --network-timeout 1000000
 FROM node:20-bookworm-slim
 ENV NODE_ENV=production
 WORKDIR /app
+
+#  update npm to address CVE-2024-21538
+RUN npm install -g npm@10.9.2
+
 RUN set -x\
     && mkdir /app/storage \
     && chown -R 101:0 /app/storage \