diff --git a/ci-tools/vulnerability-scan b/ci-tools/vulnerability-scan
index a2b2d6c9c02eb90c48ee9613deb65e8172e6dd28..04058db1079301298a2e1eeea24085fb31b490dd 100755
--- a/ci-tools/vulnerability-scan
+++ b/ci-tools/vulnerability-scan
@@ -34,6 +34,6 @@ fi
 # vulnix exits with an error status if there are vulnerabilities.  We told
 # GitLab to allow this by setting `allow_failure` to true in the GitLab CI
 # config.
-set +eo pipefail
-status=$(nix-shell -p vulnix --run 'vulnix ./scan-target/' | tee "$OUTPUT")
-exit $status
+set +e
+nix-shell -p vulnix --run 'vulnix ./scan-target/' | tee "$OUTPUT"
+exit $?