diff --git a/pils/package.json b/pils/package.json
index cba0adfde..915180bc9 100644
--- a/pils/package.json
+++ b/pils/package.json
@@ -26,7 +26,7 @@
     "cors": "^2.8.5",
     "express": "^4.18.2",
     "express-session": "^1.17.3",
-    "helmet": "^7.0.0",
+    "helmet": "^8.0.0",
     "moment": "^2.29.4",
     "mongoose": "^7.4.3",
     "otplib": "^12.0.1",
diff --git a/pils/pnpm-lock.yaml b/pils/pnpm-lock.yaml
index 93b83f466..f82e987c9 100644
--- a/pils/pnpm-lock.yaml
+++ b/pils/pnpm-lock.yaml
@@ -27,8 +27,8 @@ dependencies:
     specifier: ^1.17.3
     version: 1.18.1
   helmet:
-    specifier: ^7.0.0
-    version: 7.2.0
+    specifier: ^8.0.0
+    version: 8.0.0
   moment:
     specifier: ^2.29.4
     version: 2.30.1
@@ -1467,9 +1467,9 @@ packages:
     dependencies:
       function-bind: 1.1.2
 
-  /helmet@7.2.0:
-    resolution: {integrity: sha512-ZRiwvN089JfMXokizgqEPXsl2Guk094yExfoDXR0cBYWxtBbaSww/w+vT4WEJsBW2iTUi1GgZ6swmoug3Oy4Xw==}
-    engines: {node: '>=16.0.0'}
+  /helmet@8.0.0:
+    resolution: {integrity: sha512-VyusHLEIIO5mjQPUI1wpOAEu+wl6Q0998jzTxqUYGE45xCIcAxy3MsbEK/yyJUJ3ADeMoB6MornPH6GMWAf+Pw==}
+    engines: {node: '>=18.0.0'}
     dev: false
 
   /http-errors@2.0.0: