What is a Zero-Day exploit?

A Zero-Day exploit is defined as a vulnerability that is actively exploited in the wild before the software vendor has had the chance to develop and release a patch or fix for it. This timing is crucial because it underscores the degree of risk involved; once a vulnerability is made public, attackers can exploit it until a patch is released. As such, Zero-Day exploits are particularly dangerous as they can lead to significant security breaches before any remediation is possible.

While it is also true that the vulnerability itself may be unknown to the public, the emphasis on the timing of the exploit is what distinguishes it. The key here is the exploitation occurring during the gap (or "zero-day" period) before a fix becomes available. This is why the second answer captures the essence of what a Zero-Day exploit truly entails.