A 'zero-day' exploit targets a vulnerability for which a patch has not yet been released or that is not publicly known. The term 'zero day' refers to the fact that the developers have had zero days to fix the issue since the exploit has occurred before or on the same day that the vulnerability is discovered. An exploit for a vulnerability that is already known and patched would not be considered a 'zero-day'.