diff --git a/ci-tools/vulnerability-scan b/ci-tools/vulnerability-scan
index 78daffe0c9e985be3ef2fd2b1b0f6359c6b38324..c252a303c1ffd7fac589fa3d42c4d4883478564e 100755
--- a/ci-tools/vulnerability-scan
+++ b/ci-tools/vulnerability-scan
@@ -34,4 +34,5 @@ fi
 # vulnix exits with an error status if there are vulnerabilities.  We told
 # GitLab to allow this by setting `allow_failure` to true in the GitLab CI
 # config.
+set +eo pipefail
 nix-shell -p vulnix --run 'vulnix ./scan-target/' | tee "$OUTPUT"