I noticed that, from a relatively small sample, it seems that ACME clients don't tend to verify the certificates they receive from the CA. The opportunity for abuse is low, but a malicious CA could still take advantage of the trust established in the earlier stages of the process.
I've written about it here: https://gitlab.com/microsec-public/meep-meep/-/blob/master/README.md
I've also proposed some extra checking in acme.sh as an example of working towards improving clients: https://github.com/acmesh-official/acme.sh/pull/3206
I would be grateful for any feedback, comments or suggestions that anyone might have.
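As an added illustration of the kind of client-side check the post argues for (example code written here, not taken from the meep-meep write-up or the acme.sh pull request): once the CA returns the certificate, the client confirms it is bound to the key the client itself generated and carries exactly the names that were ordered, before installing it. The `issue` helper is a constructed stand-in for the CA so the example runs offline.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"sort"
	"time"
)

// CheckIssuedCert runs on the certificate the CA returns, before it is installed:
// the public key must be the client's own key and the SANs exactly the names ordered.
func CheckIssuedCert(certDER []byte, priv *ecdsa.PrivateKey, ordered []string) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return fmt.Errorf("parse: %w", err)
	}
	if !priv.PublicKey.Equal(cert.PublicKey) {
		return fmt.Errorf("certificate public key is not our key")
	}
	got, want := append([]string(nil), cert.DNSNames...), append([]string(nil), ordered...)
	sort.Strings(got)
	sort.Strings(want)
	if fmt.Sprint(got) != fmt.Sprint(want) { // DNS names contain no spaces, so this is an exact set compare
		return fmt.Errorf("SANs %v do not match ordered names %v", got, want)
	}
	return nil
}

// issue stands in for the CA (constructed fixture, not an ACME implementation):
// a throwaway CA key signs a leaf over pub carrying the given SANs.
func issue(pub *ecdsa.PublicKey, dns []string) ([]byte, error) {
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	ca := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed-ca"},
		PublicKey: &caKey.PublicKey, IsCA: true, BasicConstraintsValid: true}
	leaf := &x509.Certificate{SerialNumber: big.NewInt(2), DNSNames: dns,
		NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour)}
	return x509.CreateCertificate(rand.Reader, leaf, ca, pub, caKey)
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	ordered := []string{"www.example.test", "example.test"}
	der, _ := issue(&key.PublicKey, append(ordered, "extra.example.test"))
	fmt.Println(CheckIssuedCert(der, key, ordered)) // reports the unexpected extra SAN
}
```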