Well... a bech32 address is basically a hash of the public key that's derived from the private key.
So, if you find a private key where the hash of the public key is equal to an address that was previously funded, you'll be able to spend the funds funding said address EVEN if the funds don't actually "belong" to you.
What you are talking about is key collision... It's theoretically possible, however, the odds are sooooooooo small, they're so close to 0 that in reality you can assume key collision is impossible IF the private key was generated properly.
In other words: it's not like you're "receiving" an address from a central institution, and if this institution runs out of addresses to pass out there'll be problems. The correct situation is:
- your wallet generates a completely random private key (or it derives a private key from a master private key)
- your wallet derives the public key from the private key
- your wallet hashes the public key and the endresult is your address
Here's an interesting read as to how bech32 addresses are generated:
https://bitcointalk.org/index.php?topic=4992632.0