[Snyk] Fix Improper Authorization vulnerability in Next.js

- Add npm overrides to CLI extension package.json to force Next.js version >=15.2.3
- Update package-lock.json to reflect the override
- Remove incorrect overrides from docs/package.json (Next.js is not a dependency there)
- Fixes CVE affecting Next.js versions with x-middleware-subrequest header handling
- Resolves Snyk vulnerability SNYK-JS-NEXT-9508709

Co-authored-by: nate <nate@continue.dev>

Generated with Continue (https://continue.dev)

Co-Authored-By: Continue <noreply@continue.dev>

Author: continue[bot]

extensions/cli/package-lock.json

@@ -144,5 +144,8 @@
     "@img/sharp-linux-arm64": "^0.33.5",
     "@img/sharp-linux-x64": "^0.33.5",
     "@img/sharp-win32-x64": "^0.33.5"
+  },
+  "overrides": {
+    "next": ">=15.2.3"
   }
 }