{"uuid": "7c7c9dea-3e01-4444-ada1-bc6bb9a31657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-68613", "type": "published-proof-of-concept", "source": "https://t.me/cKure/15856", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2026-21858 + CVE-2025-68613: n8n Ni8mare - Full Chain Exploit\n\nUnauthenticated to Root RCE:\n- LFI via Content-Type confusion\n- Read /proc/self/environ to find HOME\n- Steal encryption key + database\n- Forge admin JWT token\n- Expression injection sandbox bypass\n- RCE as root\n\nCVSS 10.0\n\nhttps://github.com/Chocapikk/CVE-2026-21858", "creation_timestamp": "2026-01-08T19:06:31.000000Z"}