fix: upgrade registry Next.js for GHSA-c4j6-fc7j-m34r

[bntvllnt]

The registry app is on the vulnerable Next.js 16.1.x line for GHSA-c4j6-fc7j-m34r.

Scope:

• Upgrade apps/registry next and @next/mdx to the patched 16.2.x line.
• Raise the workspace Next override floor so dependency resolution cannot drift back to 16.1.x.
• Validate install/build gates and document any unrelated baseline lint/tooling failures separately.

[github-actions]

This issue is missing a type (Task / Bug / Feature). A maintainer will set one shortly. See CONTRIBUTING.md → Issue types.

[bntvllnt]

Closing as covered by merged PR #357.

#357 upgraded the registry app to Next.js 16.2.6, pinned @next/mdx to 16.2.6, and raised the workspace Next override floor to >=16.2.6. That matches this issue's GHSA-c4j6-fc7j-m34r scope.