added panic recovery to software mutations flow just to be safe (#26932)

> For #24784

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality

server/vulnerabilities/nvd/cpe.go

@@ -372,6 +372,11 @@ var (
 func mutateSoftware(software *fleet.Software, logger log.Logger) {
 	for _, transformer := range softwareTransformers {
 		if transformer.matches(software) {
+			defer func() {
+				if r := recover(); r != nil {
+					level.Warn(logger).Log("msg", "panic during software mutation", "softwareName", software.Name, "softwareVersion", software.Version, "error", r)
+				}
+			}()
 			transformer.mutate(software, logger)
 			break
 		}

server/vulnerabilities/nvd/cpe_test.go

@@ -2134,7 +2134,7 @@ func TestMutateSoftware(t *testing.T) {
 		},
 	} {
 		t.Run(tc.name, func(t *testing.T) {
-			mutateSoftware(tc.s, log.NewNopLogger())
+			require.NotPanics(t, func() { mutateSoftware(tc.s, log.NewNopLogger()) })
 			require.Equal(t, tc.sanitized, tc.s)
 		})
 	}