Zero Day vulns are those which have been publicly disclosed but there are no patches available yet. Basically, it is the case of an attacker discovering a vulnerability before the defender. These pose a huge threat to software systems. You can think of these to be "P0" issues, which need to be fixed immediately.

A recent example of this would be HTTP/2 Rapid Reset attack.