Here’s the thing…
The search there is the clue. Basically what search does is prepending whatever bare host you’re checking to the domain set as search domain. So when you try to dig localhost, MacOS sees it isn’t FQDN, so it converts it to one by morphing it to localhost.<search domain>, i.e. localhost.ade5bb.dns.nextdns.io, which NextDNS catches through some wildcard and resolves it to their own IP address.