Go (the language syncthing is written in) supports the Post-Quantum hybrid key exchange X25519MLKEM768 in current Go releases (1.24+). As such, if you trust Kyber to be secure in a PQ-environment, Go TLS handshakes can be reasonably secure.
Recent syncthing releases (1.29.3+) are using Go 1.24. However, I had a look with Wireshark, and all of my syncthing instances do not announce ML-KEM (Kyber) capabilities. All handshakes are still “traditional” X25519 (which is not PQ-secure). I could not identify the reason for this - a search of the syncthing code base does not reveal any settings that might disable Kyber in syncthing.