Vulnerability Management
Zero-Day Vulnerability
A vulnerability that is exploited before the vendor knows about it or has a fix.
A zero-day is a vulnerability unknown to the vendor and without a patch. Attackers exploit zero-days before defenders can respond. Mitigation depends on defense-in-depth: least privilege, network segmentation, WAFs, and anomaly detection.