N-Day
An n-day is a vulnerability that has had a patch available for some time but is still being exploited against unpatched systems.
Definition
"N-day" is the counterpart to zero-day: a vulnerability for which a patch has existed for n days (where n is some positive number — usually weeks to years). N-days are the bread-and-butter of opportunistic attackers; the patch has shipped, but the unpatched install base is enormous and the exploit code is freely available.
Most real-world breaches involve n-day rather than zero-day exploitation. Equifax (2017, Apache Struts CVE-2017-5638) used an exploit that had been patched two months before the breach; the MOVEit Transfer mass-exploitation campaign (2023, CVE-2023-34362) lasted weeks past patch availability.
Mitigation
Class-specific. The mitigation is straightforward — patch — and the chronic problem is operational rather than technical.