[Aikido] Fix security issue in qs via minor version upgrade from 6.14.0 to 6.15.1 #124

Open
aikido-autofix[bot] wants to merge 4 commits into main from fix/security-issue-update-packages-36494790-83fv
Conversation

@aikido-autofix (Contributor)

Upgrade qs to fix HIGH severity DoS vulnerability (CVE-2026-2391) bypassing arrayLimit with comma-separated values and LOW severity arrayLimit inconsistency (CVE-2025-15284) in bracket notation.

⚠️ Breaking changes analysis not available for: qs

✅ 2 CVEs resolved by this upgrade

This PR will resolve the following CVEs:

Issue           Severity  Description
CVE-2026-2391   HIGH      [qs] Comma-separated value parsing bypasses arrayLimit enforcement when comma: true is enabled, allowing attackers to create arbitrarily large arrays from a single parameter and cause denial-of-service through memory exhaustion.
CVE-2025-15284  LOW       [qs] Improper input validation in array parsing allows the arrayLimit option to be bypassed when using bracket notation, enabling potential HTTP DoS attacks when parameterLimit is set to high values. The vulnerability inconsistently enforces arrayLimit only for indexed notation while ignoring it for bracket notation array syntax.
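Both CVEs above come down to the same design point: an array cap that is checked for one notation but not the others is no cap at all. The following is an added illustration written for this page, not code from qs or from this PR: a minimal query-string parser (hypothetical, with an assumed default limit of 20) that funnels indexed, bracket and comma notation through a single arrayLimit check, so the same parameter cannot grow past the cap by switching syntax.

```javascript
// Added illustration, not qs's code: one arrayLimit check shared by every
// array notation (indexed a[0]=, bracket a[]=, comma a=1,2,3).
const DEFAULT_ARRAY_LIMIT = 20; // assumed cap for this example only

function appendCapped(out, key, values, limit) {
  // Single choke point: every notation that grows an array passes through
  // here, so the cap cannot be sidestepped by changing syntax.
  const merged = (Array.isArray(out[key]) ? out[key] : []).concat(values);
  if (merged.length > limit) {
    throw new RangeError(`array "${key}" exceeds arrayLimit=${limit}`);
  }
  out[key] = merged;
}

function parseQuery(query, { arrayLimit = DEFAULT_ARRAY_LIMIT, comma = false } = {}) {
  const out = {};
  for (const pair of query.split('&').filter(Boolean)) {
    const eq = pair.indexOf('=');
    const key = decodeURIComponent(eq === -1 ? pair : pair.slice(0, eq));
    const val = decodeURIComponent(eq === -1 ? '' : pair.slice(eq + 1));
    let m;
    if ((m = /^([^\[\]]+)\[\]$/.exec(key))) {
      appendCapped(out, m[1], [val], arrayLimit);            // a[]=1&a[]=2
    } else if ((m = /^([^\[\]]+)\[(\d+)\]$/.exec(key))) {
      const idx = Number(m[2]);                               // a[0]=1&a[1]=2
      if (idx >= arrayLimit) {
        throw new RangeError(`index ${idx} exceeds arrayLimit=${arrayLimit}`);
      }
      const arr = Array.isArray(out[m[1]]) ? out[m[1]] : [];
      arr[idx] = val;
      out[m[1]] = arr;
    } else if (comma && val.includes(',')) {
      appendCapped(out, key, val.split(','), arrayLimit);     // a=1,2,3
    } else {
      out[key] = val;
    }
  }
  return out;
}

// True when the parser refuses the query for exceeding arrayLimit.
function exceedsLimit(query, opts) {
  try {
    parseQuery(query, opts);
    return false;
  } catch (e) {
    if (e instanceof RangeError) return true;
    throw e;
  }
}
```

The constructed inputs in the checks cover a 21-value comma list with comma: true, 21 bracket-notation pairs, and an indexed element at position 20 followed by a bracket push, all of which are rejected by the same limit.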

aikido-autofix[bot] requested a review from a team as a code owner (May 19, 2026 10:10)
aikido-autofix[bot] added the label "aikido" (label created by Aikido AutoFix) (May 19, 2026)
Comment thread pnpm-lock.yaml
5 Open source vulnerabilities detected - critical severity
Aikido detected 5 vulnerabilities across 2 packages, including 1 critical and 4 high vulnerabilities.

Details

Remediation: Aikido suggests bumping the vulnerable packages to a safe version.

Reply @AikidoSec ignore: [REASON] to ignore this issue.