fix(deps): pin axios to 1.15.0 for CVE-2025-62718

[yashvanthbl137-crypto]

Exception Type: Security CVE fix

Justification: (Critical, CVSS 9.3): Axios NO_PROXY hostname normalization bypass (CVE-2025-62718) — loopback URLs like localhost. / [::1] can be proxied incorrectly, weakening SSRF mitigations; blocking release / CI (improved-yarn-audit --min-severity high).

Current Dependency: axios < 1.15.0 (e.g. root ^1.13.0 + transitive copies via lerna/nx, @cosmjs/tendermint-rpc, etc., per lockfile).

Upgrade To: axios 1.15.0 .

CVE Link: GHSA-3p68-rc4w-qgx5

Ticket: CGARD-783

[bhargavirao24]

I verified. Here's what I looked at:
This release includes CI security hardening post-compromise
CVE fix is real, confirmed on NVD today; CVSS score is 9.3 critical
Fix commit is public on GitHub, it's a hostname normalization change, nothing unusual
1.15.0 was published via GitHub Actions with OIDC not manual CLI like the compromised versions
No new dependencies added

@yashvanthbl137-crypto - Make sure you pin to exact version, pls see my comment above. Let me know once that's done, AppSec will review and approve.