diff --git a/.github/workflows/fosstars-report.yml b/.github/workflows/fosstars-report.yml
index f3de0ab6c..fadd925db 100644
--- a/.github/workflows/fosstars-report.yml
+++ b/.github/workflows/fosstars-report.yml
@@ -41,11 +41,16 @@ jobs:
MVN_ARGS="${{ env.MVN_MULTI_THREADED_ARGS }} clean install -DskipTests -DskipFormatting"
mvn $MVN_ARGS
+ - name: "Create settings.xml"
+ run: |
+ echo '${{ secrets.OSS_INDEX_SETTINGS_XML }}' > settings.xml
+
- name: "CVE Scan"
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
- run: |
- mvn -T1 --no-transfer-progress --batch-mode org.owasp:dependency-check-maven:check org.owasp:dependency-check-maven:aggregate
+ run: >
+ mvn -T1 --no-transfer-progress -s settings.xml
+ --batch-mode org.owasp:dependency-check-maven:check org.owasp:dependency-check-maven:aggregate
- name: "Archive CVE Report"
uses: actions/upload-artifact@v4
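Review bot: The new "Create settings.xml" step splices `${{ secrets.OSS_INDEX_SETTINGS_XML }}` into the script text before the shell runs, so an apostrophe anywhere in the secret closes the single quotes and the rest is parsed as shell. Passing the secret through `env:` and writing the quoted variable avoids that. The file is also written into the workspace and never removed; the "Archive CVE Report" step continues outside the hunk, so it cannot be confirmed from here whether its upload path could pick up settings.xml, but writing to `$RUNNER_TEMP` keeps the file out of the checkout either way. A whole XML document stored as one secret is also harder for log masking to redact reliably than a single token, so consider keeping only the credential in the secret and generating the rest of the file in the step.

```yaml
- name: "Create settings.xml"
  env:
    OSS_INDEX_SETTINGS_XML: ${{ secrets.OSS_INDEX_SETTINGS_XML }}
  run: |
    umask 077
    printf '%s\n' "$OSS_INDEX_SETTINGS_XML" > "$RUNNER_TEMP/settings.xml"

- name: "CVE Scan"
  # … unchanged: env block with NVD_API_KEY …
  run: >
    mvn -T1 --no-transfer-progress -s "$RUNNER_TEMP/settings.xml"
    --batch-mode org.owasp:dependency-check-maven:check org.owasp:dependency-check-maven:aggregate
```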
diff --git a/pom.xml b/pom.xml
index 274c2c80c..dd1a47442 100644
--- a/pom.xml
+++ b/pom.xml
@@ -780,6 +780,7 @@ https://gitbox.apache.org/repos/asf?p=maven-pmd-plugin.git;a=blob_plain;f=src/ma
${project.rootdir}/.pipeline/dependency-check-suppression.xml
46
true
+ ossindex