What is a Zero-Day Vulnerability?

A zero-day is a vulnerability that is unknown to the vendor, or still unpatched, at a time when it could be exploited.

Definition

A zero-day vulnerability is a software or system weakness that does not yet have an available fix at the time it is known or exploited.

Risk

Zero-days are difficult to defend against because signatures and patches may not exist yet. Defense often relies on monitoring, segmentation, least privilege, and rapid response.

Portfolio takeaway

I separate known vulnerability assessment work from zero-day language because overusing the term can make reports less accurate.