A zero-day vulnerability is one that is known to the software vendor but has not yet been patched or for which a patch is not yet widely available. These vulnerabilities are highly critical because they can be exploited by attackers while there is still no widely available or implemented solution to mitigate them. Understanding the correct term is essential for clear communication in reporting vulnerabilities. 'Unidentified' implies that the vulnerability is not known, which is incorrect for a zero-day. 'Known issue' does not necessarily indicate that there is no patch available, and 'under review' suggests that the vulnerability is being evaluated but does not convey the urgency or lack of available patch.
Learn More
AI Generated Content may display inaccurate information, always double-check anything important.
What is a zero-day vulnerability and why is it significant?
What steps can organizations take to protect themselves from zero-day vulnerabilities?
How do zero-day vulnerabilities compare to other types of vulnerabilities?