diff --git a/.github/workflows/vulnerability-scan-trivy-schedule-5x.yml b/.github/workflows/vulnerability-scan-trivy-schedule-5x.yml
new file mode 100644
index 00000000..e1a5c591
--- /dev/null
+++ b/.github/workflows/vulnerability-scan-trivy-schedule-5x.yml
@@ -0,0 +1,24 @@
+name: vulnerability-scan-trivy-schedule-5.x
+run-name: Scheduled Trivy vulnerability scan of 5.x published images.
+env:
+ REGISTRY: ghcr.io
+on:
+ schedule:
+ - cron: '0 22 * * 3'
+ workflow_dispatch:
+ inputs:
+ summary:
+ description: 'Summary of the scheduled scan.'
+ required: false
+ default: 'Trivy CVE scan of 5.x published images.'
+ tag:
+ description: 'Tag to scan.'
+ required: false
+ default: '5.x'
+jobs:
+ vulnerability-scan-schedule:
+ name: Scan for vulnerabilities on 5.x images
+ uses: "dpc-sdp/bay/.github/workflows/vulnerability-scan.yml@5.x"
+ with:
+ tag: "5.x"
+ summary: "Trivy CVE scan of 5.x published images."
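Review bot: The `workflow_dispatch` inputs `tag` and `summary` are declared but never used: the `with:` block at the end of the file passes the literals `"5.x"` and `"Trivy CVE scan of 5.x published images."`, so a manual run with a different tag still scans 5.x and reports a clean result for an image nobody asked about. Pass the inputs through with a fallback for scheduled runs, where `inputs` is empty: `tag: ${{ inputs.tag || '5.x' }}` and `summary: ${{ inputs.summary || 'Trivy CVE scan of 5.x published images.' }}`. The workflow-level `env: REGISTRY` is also not propagated into a reusable workflow called with `uses:`, so it has no effect here unless the called workflow sets the registry itself. Consider adding an explicit `permissions:` block on the job limited to what vulnerability-scan.yml needs (presumably read access to packages; confirm against that workflow), since otherwise the called workflow runs with the repository's default token permissions.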