A zero-day vulnerability is a vulnerability that the application author has not yet become aware of.
Major software vendors issue frequent security updates to patch known vulnerabilities. If a vulnerability is discovered by someone other than the program’s author, attackers can exploit the weakness before a patch can be issued. (Thus, the author has had “zero days” to prepare themselves.)
Zero-day exploits are an example of why it is important to practice defense in depth, since you are immediately vulnerable once a zero-day is discovered in any software you use. Ways to mitigate this kind of vulnerability include:
Minimizing information leakage, so you are not advertising your tech stack to attackers.
Following the principle of least privilege, so the impact of attacks are limited.
Making sure to run up-to-date anti-virus and firewall software, if you host your own servers.
Keeping on top of security advisories for your technology stack.