Most root store have between 50 and 150 CAs. If any of them is compromised, it could be very quickly lead to MITM on any website. Certificate Transparency goes a long way to limit the damage, but it only allows detecting fraud, but by the time it is detected, it might very well be too late and the fraudulent certificate might have already been used to MITM a specific target.
I wonder why we can’t secure DNS enough that anyone could just use self-signed certificates in DNS txt records, which would be the only accepted DNS certificate when connecting to the domain.
I guess that for the moment DNS is not secure enough for that.