An empirical analysis of zero-day vulnerabilities disclosed by the zero day initiative

TL;DR

This paper analyzes 415 zero-day vulnerabilities disclosed in early 2024, identifying trends, severity factors, and evaluating predictive models to improve vulnerability management and patch prioritization.

Contribution

It provides the first comprehensive empirical analysis of ZDI disclosures in 2024 and compares classical and deep learning models for severity prediction.

Findings

Severity correlates strongly with certain vulnerability characteristics.

Deep learning models outperform classical machine learning in severity classification.

Identified key trends and patterns in zero-day disclosures for better threat mitigation.

Abstract

Zero-day vulnerabilities represent some of the most critical threats in cybersecurity, as they correspond to previously unknown flaws in software or hardware that are actively exploited before vendors can develop and deploy patches. During this exposure window, affected systems remain defenseless, making zero-day attacks particularly damaging and difficult to mitigate. This study analyzes the Zero Day Initiative (ZDI) vulnerability disclosures reported between January and April 2024, Cole [2025] comprising a total of 415 vulnerabilities. The dataset includes vulnerability identifiers, Common Vulnerability Scoring System (CVSS) v3.0 scores, publication dates, and short textual descriptions. The primary objectives of this work are to identify trends in zero-day vulnerability disclosures, examine severity distributions across vendors, and investigate which vulnerability characteristics are most indicative of high severity. In addition, this study explores predictive modeling approaches for severity classification, comparing classical machine learning techniques with deep learning models using both structured metadata and unstructured textual descriptions. The findings aim to support improved patch prioritization strategies, more effective vulnerability management, and enhanced organizational preparedness against emerging zero-day threats.