The library has a high severity vulnerability

It needs to be upgraded to the latest version, which uses .mjs files.