← Back to Topics

Zero-Day Definition Debate

This cluster revolves around debates on the exact meaning of 'zero-day' in cybersecurity, including whether it refers to unpatched vulnerabilities, exploits used before patches are available, or flaws disclosed prior to fixes.

📉 Falling 0.3x Security
1,060
Comments
19
Years Active
5
Top Authors
#3199
Topic ID

Activity Over Time

2008
3
2009
11
2010
20
2011
19
2012
28
2013
62
2014
31
2015
88
2016
47
2017
71
2018
58
2019
81
2020
125
2021
90
2022
88
2023
107
2024
62
2025
67
2026
2

Top Contributors

tptacek (18) saagarjha (14) InclinedPlane (5) cheald (5) rosndo (4)

Keywords

PHP IMO CVE cvedetails.com kuiper.nu zero day zero day vulnerability exploit days patch scene exploited just means

Sample Comments

wolfi1 Aug 23, 2023 View on HN

it's a zero-day when it is not patched but still exploited

milliams Aug 23, 2023 View on HN

Is it really a "zero-day" if it's being used months later?

lawnchair_larry May 5, 2012 View on HN

zero day has always meant an unpatched vuln.

charcircuit Apr 9, 2021 View on HN

A zero day just means that the vulnerability hasn't been patched.

codeulike Apr 16, 2013 View on HN

Its not a "zero-day exploit" if there's been a patch out for it for N days, where N>0, right?

singlow Apr 16, 2013 View on HN

It is a 0-day because the vulnerability was disclosed publicly before the patch was made available.

ThouYS Mar 12, 2024 View on HN

these zero days are already the status quo?!

worthless-trash Jul 31, 2023 View on HN

Aren't all vulnerabilities zerodays and therefore unpatched at some point?

cpeterso Oct 16, 2015 View on HN

"0 day" just means that the vulnerability was reported before it was fixed.

bibinou Apr 13, 2021 View on HN

If it's got a fix it's not a zero-day.