loading
Loading content
loading
Also known as 0-day
A zero-day is a flaw that someone can exploit while the vendor has had zero days to ship a patch. The term covers both the vulnerability and, loosely, the exploit that weaponizes it. Until a fix exists, defenders rely on detection, compensating controls, and isolation rather than patching. Log4Shell (CVE-2021-44228) showed how fast a zero-day in a widely embedded component spreads: attackers scanned the internet for vulnerable instances within hours of disclosure.
Zero-days matter because they bypass the patch-management cycle that most defense assumes. An organization can be fully up to date and still fall, since no update addresses the flaw yet. For attackers, a working zero-day buys access that signature-based tools rarely catch on the first pass.
When a zero-day becomes public it gets assigned a CVE identifier, and the working code that triggers it is the exploit. Threat intelligence feeds and any indicator of compromise tied to active exploitation help defenders respond before a patch lands.
In Trickest you can build a workflow that watches for new disclosures and immediately scans your inventory for affected versions, so you measure exposure the moment a zero-day surfaces.
Related terms