zero-day

The day a security researcher reports the discovery of a new vulnerability to either the technology manufacturer, a security news group, or both. This starts the "time to exploit clock" which tracks the number of days between the discovery of the vulnerability and the exploitation of it.