Ok I figured it out myself. I forgot to set the iv when decrypting the message in Node.js, the working code looks like this:
var key = new Buffer(rows[0]['sessionkey'], 'binary');
function decipher(key, data) {
var decipher = Core.crypto.createDecipheriv('aes-256-cbc', key.toString('binary'), str_repeat('\0', 16));
decipher.update(data, 'base64', 'utf8');
return decipher.final('utf8');
}
I hope this will help anyone in the future!
Best Regards