What do we call a security exploit with no vendor patch readily available?

A security exploit that has no vendor patch readily available is known as a zero-day. This term originates from the fact that the exploit is active on the day it is discovered, leaving software vendors with 'zero days' to address the vulnerability before it can be exploited by malicious actors. Zero-day vulnerabilities are especially dangerous because they can be leveraged for attacks without any known defenses or patches in place, making them critical issues for organizations to manage.

This term emphasizes the urgency and the secrecy often surrounding such vulnerabilities, as they can be used before any countermeasures can be implemented.Organizations must adopt proactive security strategies, such as intrusion detection systems and regular updates of their security measures, to mitigate the risks these exploits pose.