The button to load more posts on the Articles block passes the arguments for the query that will fetch the next posts (the parameters like which tags, which category...) to the backend using query parameters. However these arguments are passed straight to the WP query, without picking only the ones needed that are safe to expose.

The most important one is the post_status. This is currently already passed as a data-attribute, so you can load any page with an articles block, only change the "data-post_status" attribute to "draft", remove all other data-attributes that would filter the query. Then clicking load more will give you all unpublished posts.