Technically speaking, so-called zero-click attacks don’t include code execution flaws that can be activated by tricking you into viewing a web page with booby-trapped content. True zero-click attacks allow hackers to take control of your device just by turning it on and connecting it to the internet.
The famed Code Red and Slammer worms from the early 2000s, which spread across the globe in a matter of hours by discovering new victims’ computers on their own, and the fabled Morris Worm from 1988, which spread across the globe practically as soon as its inventor released it, are two well-known examples.