[Aikido] Fix 1 critical issue in google.golang.org/grpc and 6 other issues#39

Open
aikido-autofix[bot] wants to merge 1 commit into main from fix/AIK-10970-AIK-12075-update-packages-22749979-wh8z

Conversation


aikido-autofix (Bot) commented Apr 11, 2026

Upgrade dependencies to fix critical gRPC authorization bypass (CVE-2026-33186) and high-severity arbitrary file read vulnerability in go-getter (CVE-2026-4660).

✅ 6 CVEs resolved by this upgrade, including 1 critical 🚨 CVE

This PR will resolve the following CVEs:

| Issue | Severity | Description |
| --- | --- | --- |
| CVE-2026-24051 | MEDIUM | [go.opentelemetry.io/otel/sdk] Path hijacking vulnerability in resource detection code allows local attackers to execute arbitrary code by manipulating the PATH environment variable on macOS systems. |
| CVE-2026-39883 | MEDIUM | [go.opentelemetry.io/otel/sdk] A PATH hijacking vulnerability exists in the BSD kenv command execution, allowing attackers to execute arbitrary code by manipulating the PATH environment variable. This enables remote code execution on BSD and Solaris platforms. |
| CVE-2026-33186 | 🚨 CRITICAL | [google.golang.org/grpc] Improper HTTP/2 :path validation allows requests without leading slashes to bypass path-based authorization interceptors, enabling attackers to circumvent "deny" rules and access restricted gRPC methods. This authorization bypass affects servers using path-based RBAC policies with fallback "allow" rules. |
| CVE-2026-34986 | MEDIUM | [github.com/go-jose/go-jose/v4] A panic vulnerability occurs when decrypting JWE objects with key wrapping algorithms and empty encrypted_key fields, causing denial of service. The issue stems from improper slice allocation in KeyUnwrap() when processing malformed encryption data. |
| GHSA-xmrv-pmrh-hhx2 | MEDIUM | [github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream] The EventStream header decoder fails to validate header value type bytes, allowing a remote attacker to send malformed frames that crash the host process. This results in a denial of service vulnerability. |
| CVE-2026-4660 | HIGH | [github.com/hashicorp/go-getter] A maliciously crafted URL can allow arbitrary file reads on the file system during git operations, enabling information disclosure. This vulnerability permits attackers to access sensitive files through specially crafted URLs processed by the library. |
🔗 Related Tasks

aikido-autofix (Bot) force-pushed the fix/AIK-10970-AIK-12075-update-packages-22749979-wh8z branch from 8c858f1 to 3346293 on April 14, 2026, 23:17