diff --git a/.gitea/workflows/sonar-scan.yml b/.gitea/workflows/sonar-scan.yml
index 90a6ccd..ee9f602 100644
--- a/.gitea/workflows/sonar-scan.yml
+++ b/.gitea/workflows/sonar-scan.yml
@@ -35,9 +35,12 @@ jobs:
           dotnet --list-sdks
           dotnet --version
 
-      # ============================
-      # STEP 4: Dependency Check (CVE)
-      # ============================
+      - name: Install OWASP Dependency Check
+        run: |
+          Invoke-WebRequest -Uri "https://github.com/jeremylong/DependencyCheck/releases/download/v10.0.3/dependency-check-10.0.3-release.zip" -OutFile "dc.zip"
+          Expand-Archive -Path "dc.zip" -DestinationPath "./dc" -Force
+          echo "$PWD/dc/dependency-check/bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+
       - name: Run OWASP Dependency Check
         run: |
           dependency-check.bat --project "VectorDBDemo" --scan "." --format "XML" --out "./depcheck"