[Aikido] Fix 3 security issues in json, psych#294

Status: Closed
aikido-autofix[bot] wants to merge 1 commit into main from fix/AIK-14581-update-packages-45147778-wznj

Conversation

aikido-autofix[bot] commented Jun 5, 2026

Upgrade json and psych gems to fix heap buffer overflow, integer overflow, and concurrent mutation vulnerabilities in JSON generation/parsing and YAML parsing that could lead to memory corruption or DoS.

✅ 3 CVEs resolved by this upgrade

This PR will resolve the following CVEs:

| Issue | Severity | Description |
|---|---|---|
| AIKIDO-2026-10977 | LOW | [json] A heap buffer overflow vulnerability exists in the native generator when computing output buffer capacity for repeated indent/spacing strings, potentially causing memory corruption. Additionally, an unchecked depth option can cause denial of service through excessive nesting work. |
| AIKIDO-2026-10978 | LOW | [json] A use-after-free vulnerability in JSON parsing allows concurrent mutation of the source string during parsing through Ruby-level hooks, potentially causing memory corruption and parsed value divergence. The patch freezes or copies the source buffer to prevent modification during parsing. |
| AIKIDO-2026-11069 | LOW | [psych] A heap out-of-bounds write vulnerability exists in the YAML parser's IO reader callback, which fails to validate the length of data returned by IO#read operations. This allows attackers to trigger a buffer overflow and achieve remote code execution through Psych.load, Psych.safe_load, or Psych.parse. |
🔗 Related Tasks

codecov[bot] commented Jun 5, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

aikido-autofix[bot] (author) commented Jun 6, 2026

Closed by Aikido: a new AutoFix has been created → #295

aikido-autofix[bot] closed this Jun 6, 2026
aikido-autofix[bot] deleted the fix/AIK-14581-update-packages-45147778-wznj branch June 6, 2026 22:56