With the following code taken from here you can find Cloud Run services that permit unauthenticated invocations.
#!/bin/bash############################# Run this tool to find Cloud Run services that permit unauthenticated# invocations anywhere in your GCP organization.# Enjoy!############################for proj in $(gcloudprojectslist--format="get(projectId)"); doecho"[*] scraping project $proj" enabled=$(gcloudserviceslist--project"$proj"|grep"Cloud Run API")if [ -z"$enabled" ]; thencontinuefifor run in $(gcloudrunserviceslist--platformmanaged--quiet--project $proj --format="get(name)"); do ACL="$(gcloudrunservicesget-iam-policy $run --platformmanaged--project $proj)" all_users="$(echo $ACL |grepallUsers)" all_auth="$(echo $ACL |grepallAuthenticatedUsers)"if [ -z"$all_users" ]then:elseecho"[!] Open to all users: $proj: $run"fiif [ -z"$all_auth" ]then:elseecho"[!] Open to all authenticated users: $proj: $run"fidonedone