My understanding, zero day means when the exploit was discovered it was already being used in the wild. This is different from an exploit discovered by a bounty program or by security researchers.
A zero-day (also known as a 0-day) is a vulnerability in software or hardware that is typically unknown to the vendor and for which no patch or other fix is available. The vendor has zero days to prepare a patch as the vulnerability has already been described or exploited.
Zero Day just means that you have zero days to fix it before it becomes a problem. Doesn’t mean that you actually take zero days to fix it.
What? No it doesn’t, it means that the exploit has been known for zero days, aka it’s an unknown exploit.
My understanding, zero day means when the exploit was discovered it was already being used in the wild. This is different from an exploit discovered by a bounty program or by security researchers.
From wiki