This probably won't happen unless Nintendo fucks up like they did with ro:han on 3.0.0. Unlike most other consoles the Switch is a micro kernel design which means that the surface area for attack is very small so there aren't many vulnerabilities. As well as reducing the number of vulns the small kernel size means the entire thing can be reverse engineered relatively quickly compared to other consoles. Old consoles get hacked when people look in to areas of the OS that haven't been thoroughly explored before but the entire Switch kernel has now been faithfully reimplemented in Atmosphere. If there was a useful bug in the current firmware, it would have been found in the process of doing that.
There may be bugs in the boot rom but if there were TX would have likely sold them instead of the SX Core. Selling an easy to use vulnerability is better than a glitch chip because most people aren't willing to solder shit to their motherboard. Additionally the software methods of launching cfw on low firmware Erista units relied on a bug in how the boot rom handled sleep mode, that is why Mariko units couldn't be hacked with Deja Vu despite shipping with a low enough firmware.
You might be able to get regular homebrew access by hacking each individual sys-module but that would take considerable effort and wouldn't allow for most cfw features, it would be like the 3.0.0 exploit before Fusee-Gelee was released. The only way we will get CFW on new units without a modchip is if Nintendo massively fucks up a future firmware update, someone at Nintendo leaks the signature keys for the firmware, or by waiting until computers are fast enough to bruteforce the signature keys.
If you want to hack the Switch pro there is still a way you could do it but it would need a glitch chip and it could be patched in firmware. You may recall before the SX Core was released people in ReSwitched were speculating that it was glitching the boot loader, it was actually glitching the boot rom BCT checks, but in theory glitching the bootloader would work. The downside is Nintendo could just add random timings in a future update and I don't think any Open Source people would work on it as it would risk them getting sued like Max Louarn and Gary Bowser currently are. There is also another potential exploit that would be easier to pull off than glitching the bootloader but that would also require a glitch chip and I haven't seen anyone else discussing it (I don't even now if it's possible because I don't have the time or skills to reverse engineer the boot rom but based on public knowledge and my understanding of glitch attacks I don't see why it wouldn't work).
Edit: Also Nintendo has a bug bounty so most people would rather sell if and get $$$, I know I would. If a bug is reported and Nintendo fixes it though it would be made public soon enough because people will just diff the binaries to see what changed and why.