
fix: dependency-review new vulnerability preset#1501

Merged
erikburt merged 1 commit into main from fix/dependency-review-cve-exception
Apr 2, 2026

Conversation

@erikburt
Contributor

@erikburt erikburt commented Apr 2, 2026

Changes

  • Adds a new config preset for dependency-review.

Notes

# This is a copy of `vulnerability-high.yml` with a specific CVE allowlisted.

# https://github.com/advisories/GHSA-x744-4wpc-v9h2
# CVE-2026-34040
# We are temporarily allowing this CVE because it's from a transitive dep and specific to AuthZ plugin, which is something we don't use.
# - The typical dependency path for us is `testcontainers/testcontainers-go -> github.com/docker/docker`
# - There is currently no github.com/docker/docker version that is patched, and therefore no testcontainers-go version that we can update to.
# - We will wait for these related tasks on testcontainers-go's side before we remove this config preset:
#   - https://github.com/testcontainers/testcontainers-go/issues/3496
#   - https://github.com/testcontainers/testcontainers-go/issues/3614
#   - https://github.com/testcontainers/testcontainers-go/pull/3591

Usage

smartcontractkit/gha-org-workflows#28

  • This will allow us to set a repository variable to override the preset chosen, falling back to vulnerability-high when the variable is unset or set to an invalid preset.
  • This will allow us to gate this CVE exception for repositories which need it, and then later flip it back to vulnerability-high by "disallowing" the cve exception one.

DX-3666
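The preset-selection logic the Usage section describes (repository variable overrides the preset, fall back to vulnerability-high when unset or invalid, and "disallow" the exception by dropping it from the permitted list), as an added illustration that is not code from this PR or from gha-org-workflows. The preset directory, the variable name and the exception preset's file name are assumptions.

```shell
#!/bin/sh
# Added example: resolve which dependency-review preset a workflow should load.
# Assumes presets are stored as <name>.yml under PRESET_DIR and the repository
# variable's value is passed as the first argument (possibly empty).
PRESET_DIR="${PRESET_DIR:-./presets}"
DEFAULT_PRESET="vulnerability-high"
# Presets the org currently permits. Removing the CVE-exception entry from this
# list is what "disallows" it later: repos still requesting it silently fall back
# to the default, so no per-repo change is needed to re-tighten the gate.
ALLOWED_PRESETS="vulnerability-high vulnerability-high-cve-exception"  # assumed names

select_preset() {
  requested="$1"
  if [ -z "$requested" ]; then
    echo "$DEFAULT_PRESET"
    return 0
  fi
  for p in $ALLOWED_PRESETS; do
    if [ "$p" = "$requested" ]; then
      echo "$requested"
      return 0
    fi
  done
  # Unknown or no-longer-permitted value: log it so the misconfiguration is
  # visible in the job output, then fall back instead of failing the workflow.
  echo "warning: preset '$requested' is not permitted; using $DEFAULT_PRESET" >&2
  echo "$DEFAULT_PRESET"
  return 0
}

# Full path of the config file to hand to the dependency-review step.
preset_config_path() {
  echo "$PRESET_DIR/$(select_preset "$1").yml"
}
```

Calling `preset_config_path "$DEPENDENCY_REVIEW_PRESET"` (variable name assumed) from the workflow yields the file to load; an empty or rejected value always resolves to vulnerability-high.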

@erikburt erikburt self-assigned this Apr 2, 2026
@erikburt erikburt marked this pull request as ready for review April 2, 2026 17:34
@erikburt erikburt requested a review from a team as a code owner April 2, 2026 17:34
@erikburt erikburt merged commit f633596 into main Apr 2, 2026
18 checks passed
@erikburt erikburt deleted the fix/dependency-review-cve-exception branch April 2, 2026 20:10