What Is a Zero-Day? A Flaw With No Patch Yet
A zero-day is a vulnerability that the vendor does not yet know about or has not yet fixed, so defenders have zero days to prepare a patch.
A zero-day is a vulnerability for which no fix exists yet, because the people who could fix it do not know about it or have not shipped a patch. The name reflects the defender position: zero days of warning. Zero-days are prized by attackers precisely because there is no available defense, which makes fast response capability essential.
Why zero-days are dangerous
With a known vulnerability you can patch or mitigate. With a zero-day there is, by definition, no official fix at the moment of attack. Defenders rely on detection, isolation, and rapid response rather than a ready patch.
The lifecycle
- Discovery: someone finds the flaw, attacker or researcher.
- Exploitation or disclosure: it is used in attacks or reported to the vendor.
- Patch: the vendor ships a fix; it stops being a zero-day.
Zero-day versus known vulnerability
Once a patch exists, a flaw is no longer a zero-day, but unpatched systems remain at risk. Most breaches actually exploit known, already-patched vulnerabilities on systems that were slow to update, which is where CI-driven patching pays off.
Why fast pipelines matter
You cannot prevent a zero-day, but you can shorten the window from "patch released" to "patch deployed." A fast, reliable CI/CD pipeline turns an emergency patch into a routine deploy, dramatically reducing exposure time.
Preparing in CI/CD
Dependency scanning that watches for newly disclosed issues, automated fix pull requests, and a pipeline that can ship a patch quickly are the practical defenses. When a zero-day in a dependency is disclosed, you want to be minutes from a deploy, not days.
Reducing standing exposure
Minimizing long-lived secrets and broad permissions limits what an attacker can do even if they exploit a zero-day. Short-lived credentials and isolated, ephemeral runners contain the blast radius of a successful exploit.
Key takeaways
- A zero-day is a vulnerability with no available patch at the time of attack.
- Most real breaches exploit known, already-patched flaws on slow-to-update systems.
- A fast CI/CD pipeline shortens the window between patch release and deployment.