Maybe what has more potential is the browser, there's a lot of hype over how vulnerable Webkit is lately, many code execution exploits found.. at least one exploit proof of concept out there which is not platform specific too. Of course this would only be limited privileges.. but that would be a start, and on Android where the browser is supposed to be sandboxed a way to break out was found regardless. Webkit will be a major target for exploits for certain in the future, interestingly also used on 3DS as well. Could potentially be a source of user mode exploits i think surely considering the info given about various bugs is features the Vita browser shares.
I'm not suggesting anything to be made out of thin air or are platform-specific to be clear, and obviously most of the bugs do not have proof of concept code as of yet. Just thinking of the future; sharing such a widely implemented 3rd party engine which is definitely going to be hacked seems like it could be a major weakness. Or in the case of non-browser bugs, possibly a better usermode alternative to savegame exploits for the people working on PSP.
If someone could inform me if they implemented measures against that type of attack after the libtiff problems i'd appreciate it.