diff --git a/examples/Dockerfile.good b/examples/Dockerfile.good
index f35afe1..d9dd917 100644
--- a/examples/Dockerfile.good
+++ b/examples/Dockerfile.good
@@ -1,6 +1,6 @@
 # Secure example: pinned, small, non-root
 # Smaller base images = smaller attack surface
-FROM nginx:1.29.1-alpine
+FROM nginx:1.29.2-alpine
 # Create an unprivileged user and use it.
 RUN adduser -D -u 10001 appuser
 USER 10001:10001
diff --git a/examples/pod-secure.yaml b/examples/pod-secure.yaml
index ca60bf8..90bb1e5 100644
--- a/examples/pod-secure.yaml
+++ b/examples/pod-secure.yaml
@@ -8,7 +8,7 @@ spec:
     runAsNonRoot: true # Explicitly require non-root execution
   containers:
     - name: app
-      image: nginx:1.29.1-alpine
+      image: nginx:1.29.2-alpine
       ports:
         - containerPort: 8080
       securityContext: