The package inflight @1.0.6 is been identified as a vulnerble which is used as a dependency for glob @7.1.6.

The description for the issue is been reported as follows,
In npm inflight there is a memory leak because some resources are not freed correctly after being used. It appears to affect all versions.

Please consider the attachment for the details.

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Have also had this flagged in a project. I believe that upgrading glob to > v9 should resolve the issue as they removed inflight isaacs/inflight-DEPRECATED-DO-NOT-USE#5

I can potentially help on this

Snyk is also picking this one up.
Any hopes of fixing?