The term Zero-day is typically used in conjunction with terms such as “vulnerability” or “exploit”.
A zero-day exploit refers to a vulnerability discovered in software, for which:
there is no available remedy – end users have no way to fix or “patch” the vulnerability
there is known malware actively exploiting that vulnerability to infect, damage or otherwise compromise computers on which the vulnerable software is running
“Zero-day” refers to the amount of time that the software authors have to fix the issue: zero – ideally it needs to be resolved immediately.
Any vulnerability that is first discovered by virtue of encountering malware in the wild that exploits it can be considered zero-day. This is contrasted with vulnerabilities discovered by researchers and others for which patches are made available before malware exploiting it is found.