SHA256 is used for mining but that would only expose new coins that are being generated. If there was a vulnerability there the community would switch to a new mining algorithm to secure new blocks.
Addresses are protected by hashing a public key to the bitcoin address (https://en.bitcoin.it/wiki/Technical_background_of_version_1...). If you've always sent coins to new addresses like the hierarchical deterministic wallets do then your public key is only exposed after you spend the coins, so you are not susceptible to a cracking attempt on the public key.
> If there was a vulnerability there the community would switch to a new mining algorithm to secure new blocks.
This would be extremely interesting to watch as a new algorithm would render all (or at least most) existing miners useless as they use SHA256-specific-ASICs. The economic and control fundamentals of Bitcoin completely change if you change the hash algorithm.
Not to mention it takes non-zero time to choose a new hash, make the code changes, and deploy it worldwide. Even if somehow you do that in hours or days, what happens in the mean time? Bitcoin would be entirely unsafe to use and anyone using it as their primary financial store better hope they have some food stockpiled (and bills paid)!
Luckily I've not heard anyone question the math behind Bitcoin's proof-of-work algorithm, so I think this possibility is exceedingly unlikely as the math is well understood.
Breaking Bitcoin's hash algorithm would require a feasible pre-image attack on SHA-256. Such a thing would have far greater consequences than forcing Bitcoin to change its proof-of-work algorithm. Tons of protocols and applications would be rendered insecure. We'd all be scrambling to fix TLS, SSH, IPSec, GPG, and dozens of other key pieces of software. I'm not sure how Debian-based systems would upgrade, since deb packages are verified by SHA-256. In short, it would be utter chaos.
Every system you mentioned other than Bitcoin already supports alternatives to SHA-256. There'd be a scramble for sure, but no different than the current steady stream of OpenSSL vulns. Probably less of a scramble than many OpenSSL vulns as SHA-256 could often be disabled via simple config file changes.
Bitcoin on the other hand would have to fundamentally change due to miners with ASICs. The code change might be minimal, but the economic, political, and psychological impact would be huge. For miners to lose their entire infrastructure investment in ASICs may cause an unrecoverable drop in hash rate as it takes 2 weeks for difficulty to recalculate.
This is why SHA-3 exists. If it starts looking feasible that SHA-256 is going to be broken, we already have alternatives. We've already seen TLS et al switch from hashes like MD5 and SHA-1 a few years ago. Pretty much all the other systems have systems in place to migrate in case one part of the validation system is cracked. Bitcoin doesn't, and given the fractured state of the community, having a migration system would be difficult at the very least.
Addresses are protected by hashing a public key to the bitcoin address (https://en.bitcoin.it/wiki/Technical_background_of_version_1...). If you've always sent coins to new addresses like the hierarchical deterministic wallets do then your public key is only exposed after you spend the coins, so you are not susceptible to a cracking attempt on the public key.