diff --git a/.github/actions/install-go/action.yml b/.github/actions/install-go/action.yml
index ec18fdcd4..e645f12b6 100644
--- a/.github/actions/install-go/action.yml
+++ b/.github/actions/install-go/action.yml
@@ -3,7 +3,7 @@ description: "Reusable action to install Go, so there is one place to bump Go ve
 inputs:
   go-version:
     required: true
-    default: "1.23.7"
+    default: "1.23.8"
     description: "Go version to install"
 
 runs:
diff --git a/.github/workflows/api-release.yml b/.github/workflows/api-release.yml
index 7167e471a..c473d53b4 100644
--- a/.github/workflows/api-release.yml
+++ b/.github/workflows/api-release.yml
@@ -6,7 +6,7 @@ on:
 name: API Release
 
 env:
-  GO_VERSION: "1.23.7"
+  GO_VERSION: "1.23.8"
 
 permissions: # added using https://github.com/step-security/secure-workflows
   contents: read
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 7f1efebe1..a7f50db73 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -13,7 +13,7 @@ on:
 name: Release
 
 env:
-  GO_VERSION: "1.23.7"
+  GO_VERSION: "1.23.8"
 
 permissions: # added using https://github.com/step-security/secure-workflows
   contents: read
diff --git a/contrib/Dockerfile.test b/contrib/Dockerfile.test
index 32e78da48..bcd456ccc 100644
--- a/contrib/Dockerfile.test
+++ b/contrib/Dockerfile.test
@@ -34,7 +34,7 @@
 #   docker run --privileged --group-add keep-groups -v ./critest_exit_code.txt:/tmp/critest_exit_code.txt containerd-test
 # ------------------------------------------------------------------------------
 
-ARG GOLANG_VERSION=1.23.7
+ARG GOLANG_VERSION=1.23.8
 ARG GOLANG_IMAGE=golang
 
 FROM ${GOLANG_IMAGE}:${GOLANG_VERSION} AS golang