Huh, just noticed that CNSA 2.0 mandates ML-KEM-1024, but all browsers and service providers currently implement (hybrid) X25519MLKEM*768*. So if you're an NSS system or a compliant service provider or vendor... you need to support multiple #pqc key groups, but we we currently don't even have code points for ML-KEM-1024 hybrids. So yay?
(Edit: there's SecP384r1MLKEM1024, but of course nobody has implemented that yet, I think. And we still need to solve the keygroup-selection problem.)