Got a security note from Bitvise regarding ChaCha20-Poly1305.
As you're using Poly1305 as well please have a look it doesn't affect rclone encryption as well (I simply dunno, am no crypto genius).
Researchers have identified an issue where all SSH connections which use the encryption algorithm ChaCha20-Poly1305, or any integrity algorithm of type Encrypt-then-MAC, are vulnerable to packet sequence manipulation by an active attacker, if the attacker can intercept the network path. This can be used to sabotage SSH extension negotiation. This affects extensions with security impact, such as server-sig-algs.
Since the attacker can only remove packets sent before user authentication, this does not seem to fatally break the security of the SSH connection.
However, it is a cryptographic weakness to address.