January 12, 2026

Summary

• Added aliases for Platform threat, screenshot, SHA-1 hash, and organization data fields.
• Deployed several enhancements to the ASM web UI.
• One new software fingerprint for Coolify and one new ASM risk fingerprint for n8n services vulnerable to Ni8mare (CVE-2026-21858).
• Two new Rapid Response advisories:
  • Three Vulnerabilities in Coolify Self-Hosting Platform [CVE-2025-64424, CVE-2025-64420, CVE-2025-64419]
  • n8n Unauthenticated Remote Code Execution (NI8MARE) [CVE-2026-21858]

Platform

• Added the following aliases for Platform data fields:
  • threats
  • screenshots
  • sha1
  • org

ASM

• Several improvements to the ASM web UI were made, including:

  • The workspace selection dropdown is now on the right side of the navigation bar.

  • Icons have been added to many of the items available in the top navigation dropdowns.

  • Scan frequency information is now located at the bottom of the Resources dropdown.

  • Added links to the Integrations dropdown to see all integrations, connected integrations, available integrations, and integrations that need attention.

    

Rapid Response

The Censys Rapid Response team published information about and queries for the following issues.

• Three Vulnerabilities in Coolify Self-Hosting Platform [CVE-2025-64424, CVE-2025-64420, CVE-2025-64419]
  • The following queries can be used to identify exposed Coolify instances.
    • Platform query
    • ASM query
    • Legacy Search query
• n8n Unauthenticated Remote Code Execution (NI8MARE) [CVE-2026-21858]
  • The following queries can be used to identify exposed and potentially vulnerable n8n instances.
    • Platform query
    • ASM risk query
    • Legacy Search query

New fingerprints

Added the following fingerprints.

risks.name: `Vulnerable n8n (Ni8mare) [CVE-2026-21858]`