added panic recovery to software mutations flow just to be safe

[jahzielv]

For #24784

Checklist for submitter

If some of the following don't apply, delete the relevant line.

• Added/updated automated tests
• Manual QA for all new/changed functionality

[ksykulev]

That's a neat pattern I didn't know go could do 👍

[codecov]

Codecov Report

Attention: Patch coverage is 25.00000% with 3 lines in your changes missing coverage. Please review.

Project coverage is 64.01%. Comparing base (9d3398a) to head (8323712).
Report is 7 commits behind head on main.

Files with missing lines	Patch %	Lines
server/vulnerabilities/nvd/cpe.go	25.00%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #26932      +/-   ##
==========================================
- Coverage   64.01%   64.01%   -0.01%     
==========================================
  Files        1701     1701              
  Lines      162246   162256      +10     
  Branches     4325     4325              
==========================================
+ Hits       103857   103863       +6     
- Misses      50328    50330       +2     
- Partials     8061     8063       +2     

Flag	Coverage Δ
backend	64.77% <25.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[iansltx]

Validated this fix by removing the bounds check for the Python for Windows mutator and passing in a version in tests that only had 2-3 version components. The test returned a CPE based on the unmodified version string without panicking, which is what I would expect. Yay for robustness!