fix: use non-vulnerable version of Microsoft.AspNetCore.DataProtection

[DanielRose]

Fix CVE-2026-40372 of dependant library

• You've read the Contributor Guide and Code of Conduct.
• You've included unit or integration tests for your change, where applicable.
• You've included inline docs for your change, where applicable.
• There's an open issue for the PR that you are making. If you'd like to propose a new feature or change, please open an issue to discuss the change or find an existing issue.

Update Microsoft.AspNetCore.DataProtection to 10.0.7

Description

Versions 10.0.0 to 10.0.6 are vulnerable. This updates to non-vulnerable 10.0.7

Fixes #3789

[DanielRose]

Needed to update the System.Security.Cryptography.* packages to 10.0.7 as well. Otherwise they get downgraded to 10.0.6, which NuGet doesn't like.

[bgavrilMS]

Ah, sorry I didn't see you updated your PR in time. I bumped it here: #3796