diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2fbd8750c6a..1636f6c5a1b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -2,27 +2,27 @@ name: "CodeQL" permissions: read-all on: - workflow_call: + push: + branches: + - develop + - release_v* pull_request: - # paths: - # - '**.py' - + paths: + - '.github/workflows/codeql.yml' + - '**.py' jobs: analyze: name: Analyze runs-on: ubuntu-22.04 - timeout-minutes: 60 + timeout-minutes: 15 permissions: security-events: write - steps: - name: Checkout repository uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: lfs: true - - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5 with: @@ -32,13 +32,23 @@ jobs: with: category: "/language:python" + # Pdf reports always empty for PRs - name: Generate Security Report + # if: ${{ github.event_name != 'pull_request' }} uses: rsdmike/github-security-report-action@a149b24539044c92786ec39af8ba38c93496495d # v3.0.4 with: template: report token: ${{ secrets.GITHUB_TOKEN }} + - name: Rename Report + shell: bash + continue-on-error: true + run: | + DATE=$(date +"%Y-%m-%d") + REF_NAME="${{ github.ref_name }}" + mv "report.pdf" "codeql_nncf_report_${DATE}_${REF_NAME//\//-}_${{ github.sha }}.pdf" - name: Upload CodeQL Artifacts + # if: ${{ github.event_name != 'pull_request' }} uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 with: name: codeql-scan-results - path: "./report.pdf" + path: "./codeql*.pdf" diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index d694fb946b2..7121d84efb3 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml 
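Review bot: The `paths` filter now enabled under `pull_request` makes the scan skip every pull request that touches neither a `.py` file nor this workflow, and nothing in the file says this is intended. If Analyze is a required status check (branch protection is not visible here), such pull requests would be left with a pending check. `timeout-minutes: 15` also has to cover the LFS checkout and the report step as well as the analysis. I would record the intent above the filter, e.g. `# Scan only PRs that change Python sources or this workflow; pushes to develop/release_v* are always scanned`, and confirm the 15-minute budget against a full run on `develop`.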
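Review bot: The new Rename Report step expands `${{ github.ref_name }}` inside the `run:` script text, so the ref name becomes part of the shell source before bash parses it instead of being handled as data. On `pull_request` the value is generated by GitHub, but on the new `push` trigger it is the branch name, and `release_v*` accepts any suffix git allows in a ref, which includes shell metacharacters. Pass it through the environment instead: add `env:` with `REF_NAME: ${{ github.ref_name }}` to the step and delete the `REF_NAME="${{ github.ref_name }}"` assignment, leaving the `${REF_NAME//\//-}` expansion as it is. Separately, `continue-on-error: true` combined with the `./codeql*.pdf` glob means a failed rename leaves nothing to upload; `if-no-files-found: error` on the upload step would make that visible.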
@@ -48,7 +48,5 @@ jobs: run: pytest tests/tensorflow -m 'nightly' weight-compression: + if: github.repository_owner == 'openvinotoolkit' uses: ./.github/workflows/conformance_weight_compression.yml - - codeql: - uses: ./.github/workflows/codeql.yml diff --git a/nncf/vulnerability.py b/nncf/vulnerability.py deleted file mode 100644 index 86e8d595eda..00000000000 --- a/nncf/vulnerability.py +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright (c) 2025 Intel Corporation -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import os -import sqlite3 -from tempfile import mktemp - - -def execute_command(command): - os.system(command) - - -user_command = input("Enter shell command: ") -execute_command(user_command) - - -def get_user_data(user_id): - conn = sqlite3.connect("example.db") - cursor = conn.cursor() - - query = f"SELECT * FROM users WHERE id = {user_id}" - cursor.execute(query) - - result = cursor.fetchall() - conn.close() - return result - - -user_input = input("Enter user ID: ") -print(get_user_data(user_input)) - - -def write_results(results): - filename = mktemp() - with open(filename, "w+") as f: - f.write(results) - print("Results written to", filename) diff --git a/vulnerability.py b/vulnerability.py deleted file mode 100644 index 86e8d595eda..00000000000 --- a/vulnerability.py +++ /dev/null 
@@ -1,45 +0,0 @@
-# Copyright (c) 2025 Intel Corporation
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-# http://www.apache.org/licenses/LICENSE-2.0
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import os
-import sqlite3
-from tempfile import mktemp
-
-
-def execute_command(command):
- os.system(command)
-
-
-user_command = input("Enter shell command: ")
-execute_command(user_command)
-
-
-def get_user_data(user_id):
- conn = sqlite3.connect("example.db")
- cursor = conn.cursor()
-
- query = f"SELECT * FROM users WHERE id = {user_id}"
- cursor.execute(query)
-
- result = cursor.fetchall()
- conn.close()
- return result
-
-
-user_input = input("Enter user ID: ")
-print(get_user_data(user_input))
-
-
-def write_results(results):
- filename = mktemp()
- with open(filename, "w+") as f:
- f.write(results)
- print("Results written to", filename)