The value of 0days can range from a few thousands to a million dollars for a full remote exploit chain. Many companies and governments are willing to buy them, but exploit buyers will not pay the full exploit price in case the vulnerability gets fixed by the vendor. We hope this program will encourage more researchers to look into monthly security updates, and promote better patching. We will provide ZHA partners between one to three months advanced notice, before releasing the exploit publicly (unlike most exploit acquisition programs). We will not release these exploits publicly if requested by the author.”]
Source: https://blog.zimperium.com/zimperium-announces-its-exploit-acquisition-program-for-n-days/