hik-mapbox (>=0.0.1 <=1.4.3) potentially affected by unknown CVE via @antv/l7-three (=2.25.4)

@antv/l7-three NPM version =2.25.4 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/l7-three and may be impacted: - hik-mapbox =0.0.1, =1.4.3 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4052...