You’ll have the same ‘find’ challenges we had, i.e. traversing symlinks and network shared filesystems.
What you’re trying looks to me similar to @strawgate’s method, detailed at Free Tool: Low-Impact Log4j CVE-2021-44228 Detection so suggest you have a look there.
I.E. instead of using ‘find’ to walk every filesystem, start with using ‘lsof’ to list everything and then filter the ‘lsof’ result.