What type of vulnerabilities do zero-day exploits represent?

Zero-day exploits represent undetectable vulnerabilities that have not yet been discovered or addressed by the software vendor. This means that these vulnerabilities are new and have not been publicly documented or fixed, allowing attackers to exploit them before any defensive measures can be implemented. The term "zero-day" refers to the fact that since the vulnerability is unknown to the vendor or the public, they have had "zero days" to create a patch or mitigate the threat.

This unique nature of zero-day vulnerabilities makes them particularly dangerous, as they can be leveraged in attacks without warning and can cause significant harm before victims are even aware of the risk. The absence of available patches or defenses at the time an exploit is discovered is what classifies them distinctly from more common vulnerabilities which may have known fixes or mitigations.