Commit da212fd

fix(deps): resolve high severity audit vulnerabilities (#15961)
# Overview

Fixes all high/critical severity vulnerabilities reported by `pnpm audit --prod`.

## Key Changes

- **Bump `undici` in `packages/payload`** - 7.18.2 → 7.24.4. Fixes 6 CVEs: [CVE-2026-1526](https://nvd.nist.gov/vuln/detail/CVE-2026-1526), [CVE-2026-1528](https://nvd.nist.gov/vuln/detail/CVE-2026-1528), [CVE-2026-2229](https://nvd.nist.gov/vuln/detail/CVE-2026-2229) (WebSocket memory/crash), [CVE-2026-2581](https://nvd.nist.gov/vuln/detail/CVE-2026-2581) (response buffering DoS), [CVE-2026-1525](https://nvd.nist.gov/vuln/detail/CVE-2026-1525) (request smuggling), [CVE-2026-1527](https://nvd.nist.gov/vuln/detail/CVE-2026-1527) (CRLF injection). Minor version bump, same major. Payload only uses `Agent` and `fetch`.
- **Bump `rollup` in `packages/payload`** - 4.52.3 → 4.59.0. Fixes [CVE-2026-27606](https://nvd.nist.gov/vuln/detail/CVE-2026-27606) (arbitrary file write via path traversal in output filenames). Minor version bump within ^4. Used only for `rollup-plugin-dts` type bundling.
- **Bump `@sentry/nextjs` and `@sentry/types` in `packages/plugin-sentry`** - ^8.33.1 → ^9.5.0. All 8.x versions pin rollup 3.29.5, vulnerable to [CVE-2026-27606](https://nvd.nist.gov/vuln/detail/CVE-2026-27606); 9.5.0+ switched to rollup ^4.34.9. The plugin uses a small API surface (one type import, `ErrorBoundary`, `captureException`) — none have breaking changes in v9.
- **Bump `changelogen` in `tools/releaser` and `tools/scripts`** - ^0.5.5 → ^0.6.2. The new version pulls in giget 2.x which dropped the vulnerable `tar` dependency entirely. Resolves 6 high-severity node-tar CVEs: [CVE-2026-31802](https://nvd.nist.gov/vuln/detail/CVE-2026-31802), [CVE-2026-29786](https://nvd.nist.gov/vuln/detail/CVE-2026-29786), [CVE-2026-26960](https://nvd.nist.gov/vuln/detail/CVE-2026-26960), [CVE-2026-24842](https://nvd.nist.gov/vuln/detail/CVE-2026-24842), [CVE-2026-23950](https://nvd.nist.gov/vuln/detail/CVE-2026-23950), [CVE-2026-23745](https://nvd.nist.gov/vuln/detail/CVE-2026-23745) (symlink/hardlink traversal, path sanitization bypasses).
- **Override `@vercel/blob>undici`** - 5.29.0 → 6.24.1 via pnpm override. Fixes the same undici CVEs listed above. undici 6.x had no API changes vs 5.x (only dropped Node 14/16 support), and `@vercel/blob` only imports `fetch` and types. Bumping `@vercel/blob` itself (0.x → 2.x) requires `allowOverwrite` handling and has no test coverage, so that will be a separate PR.

## Design Decisions

Where possible, vulnerabilities are resolved through direct dependency bumps rather than pnpm overrides. This is more maintainable since future `pnpm install` runs will naturally resolve to patched versions. The one exception is `@vercel/blob>undici`, kept as an override because upgrading `@vercel/blob` from 0.x to 2.x changes overwrite semantics on `put()` and the adapter has no integration tests. That upgrade warrants its own PR with proper testing.
1 parent 9815d83 commit da212fd

6 files changed

+951
-290
lines changed

package.json

Lines changed: 1 addition & 0 deletions
@@ -241,6 +241,7 @@
241241
"workerd"
242242
],
243243
"overrides": {
244+
"@vercel/blob>undici": "6.24.1",
244245
"copyfiles": "$copyfiles",
245246
"cross-env": "$cross-env",
246247
"dotenv": "$dotenv",
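Review bot: the new `"@vercel/blob>undici": "6.24.1"` override on line 244 is an exact pin, unlike the neighbouring entries that point at a shared version (`"$copyfiles"`, `"$cross-env"`, `"$dotenv"`), so any later undici 6.x security release will not be picked up until someone edits this line by hand. Since the commit message already frames this override as a stopgap until `@vercel/blob` moves from 0.x to 2.x, it would help to record its removal as part of that follow-up PR, and to re-run `pnpm audit --prod` against the regenerated lockfile to confirm the overridden path really resolves to 6.24.1 rather than a second undici copy.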

packages/payload/package.json

Lines changed: 2 additions & 2 deletions
@@ -127,7 +127,7 @@
127127
"sanitize-filename": "1.6.3",
128128
"ts-essentials": "10.0.3",
129129
"tsx": "4.21.0",
130-
"undici": "7.18.2",
130+
"undici": "7.24.4",
131131
"uuid": "10.0.0",
132132
"ws": "^8.16.0"
133133
},
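Review bot: `undici` stays an exact pin (`"7.24.4"`), consistent with `tsx` and `uuid` in the same block, which keeps builds reproducible but means the next undici fix will again need a manual bump in the package that actually exposes `fetch` and `Agent` at runtime. The page header counts 6 files changed while only three are rendered here, so the lockfile update carrying most of the +951/-290 lines should be checked to confirm that no older undici 7.x version remains resolved for `packages/payload` through another dependency.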
@@ -148,7 +148,7 @@
148148
"graphql-http": "^1.22.0",
149149
"react-datepicker": "7.6.0",
150150
"rimraf": "6.0.1",
151-
"rollup": "4.52.3",
151+
"rollup": "4.59.0",
152152
"rollup-plugin-dts": "6.2.3",
153153
"sharp": "0.32.6"
154154
},
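Review bot: `rollup` moves to `4.59.0` while `rollup-plugin-dts` stays at `6.2.3` on the next line; because the commit message says rollup is used only through that plugin, confirm the plugin's peer range accepts 4.59.0 and that `pnpm install` prints no peer-dependency warning. Running the type-bundling build once is also worthwhile, since the CVE-2026-27606 fix concerns output filename handling and the `.d.ts` bundles should still land in the expected paths.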

packages/plugin-sentry/package.json

Lines changed: 2 additions & 2 deletions
@@ -54,8 +54,8 @@
5454
"lint:fix": "eslint . --fix"
5555
},
5656
"dependencies": {
57-
"@sentry/nextjs": "^8.33.1",
58-
"@sentry/types": "^8.33.1"
57+
"@sentry/nextjs": "^9.5.0",
58+
"@sentry/types": "^9.5.0"
5959
},
6060
"devDependencies": {
6161
"@payloadcms/eslint-config": "workspace:*",
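Review bot: this is a major bump (`^8.33.1` → `^9.5.0`) kept as a caret range, so every future 9.x minor resolves automatically, which is fine as long as the claim in the commit message holds that the three call sites (`ErrorBoundary`, `captureException`, one type import) are unchanged in v9. No plugin source or test file is part of this diff, so a type-check of `packages/plugin-sentry` against 9.5.0 and a check that the plugin's Next.js peer range is still supported by `@sentry/nextjs` 9.x would make that claim verifiable from the PR itself.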
