Security Glossary

Definition

What is Zero-Day Vulnerability?

A software vulnerability that has been discovered but not yet publicly disclosed or patched by the vendor, leaving affected systems with no available fix at the time it is known or exploited. Zero-day vulnerabilities are extremely valuable in offensive operations because defenders have no warning and traditional signature-based defenses cannot detect their exploitation. Researchers who discover zero-days may responsibly disclose them to vendors under coordinated disclosure programs, or sell them to government agencies and exploit brokers.

Related terms

Put this into practice
AI penetration testing for web applications
See how Penetrify's autonomous AI agents find and validate this class of security issue in your application.