Zimbra Desktop

by Synacor, Inc.v4.46.0

Last updated Jun 8, 2026

Zimbra Desktop is a desktop email client that gives you online and offline access to your Zimbra email.

Install with winget

$ winget install --id Synacor.ZimbraDesktop --exact --version 4.46.0

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Zimbra Desktop

Zimbra Desktop uses EXE (NSIS). The silent install switches are /S.

One-line silent install (x64)

Zimbra_Desktop_4.46.0_c975480bb_20250701133104.exe /S

See the full silent install reference for Zimbra Desktop →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

Zimbra Desktop is a desktop email client that gives you online and offline access to your Zimbra email. More than just another choice in the email client landscape, Zimbra Desktop blurs the line between a web application and a traditional desktop application.

Zimbra Desktop uses the same technology as Zimbra 9’s Web Application, has intuitive navigation, supports customizations, and is secure.

Installers · v4.46.0

Architecture	Type	Scope	Install	Download
x64	EXE NSIS	-		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

high8.8Patched in wingetCVE-2026-33373affects before 10.0.18, 10.1.13Mar 30, 2026
An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A Cross-Site Request Forgery (CSRF) vulnerability exists in Zimbra Web Client due to the issuance of authentication tokens without CSRF protection during certain account state transitions. Specifically, tokens...
Vendor advisory
medium5.4Patched in wingetCVE-2026-33372affects before 10.1.16Mar 20, 2026
An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A cross-site request forgery (CSRF) vulnerability exists in Zimbra Webmail due to improper validation of CSRF tokens. The application accepts CSRF tokens supplied within the request body instead of requiring th...
Vendor advisory
medium4.3Patched in wingetCVE-2026-33371affects before 10.1.16Mar 20, 2026
An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. An XML External Entity (XXE) vulnerability exists in the Zimbra Exchange Web Services (EWS) SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is pr...
Vendor advisory
medium6.1Patched in wingetCVE-2026-33370affects before 10.1.16Mar 20, 2026
An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file cont...
Vendor advisory
medium4.3Patched in wingetCVE-2026-33369affects before 10.1.16Mar 20, 2026
Zimbra Collaboration (ZCS) 10.0 and 10.1 contains an LDAP injection vulnerability in the Mailbox SOAP service within a FolderAction operation. The application fails to properly sanitize user-supplied input before incorporating it into an LDAP search filter. An authenticated atta...
Vendor advisory
medium6.1Patched in wingetCVE-2026-33368affects before 10.1.16Mar 20, 2026
Zimbra Collaboration Suite (ZCS) 10.0 and 10.1 contains a reflected cross-site scripting (XSS) vulnerability in the Classic Webmail REST interface (/h/rest). The application fails to properly sanitize user-supplied input, allowing an unauthenticated attacker to inject malicious...
Vendor advisory
high7.2Patched in wingetCVE-2025-66376affects before 10.0.18, 10.1.13Jan 5, 2026
Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message.
Vendor advisory
high8.8Patched in wingetCVE-2025-68645affects before 10.0.18, 10.1.13Dec 22, 2025
A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/res...
Vendor advisory

Showing 8 of 25. Source: NVD, updated just now. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Frequently asked questions

How do I install Zimbra Desktop on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Synacor.ZimbraDesktop --exact --version 4.46.0. winget downloads the installer from Synacor, Inc. and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Zimbra Desktop silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Synacor.ZimbraDesktop --exact 4.46.0 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Zimbra Desktop?

Zimbra Desktop uses EXE (NSIS). Run the downloaded installer with: Zimbra_Desktop_4.46.0_c975480bb_20250701133104.exe /S. The silent switches are /S.

How do I uninstall Zimbra Desktop via winget?

Run: winget uninstall --id Synacor.ZimbraDesktop --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Zimbra Desktop's Apps & Features entry.

Is Zimbra Desktop free?

Zimbra Desktop is distributed under Proprietary. Refer to the publisher (https://www.zimbra.com/) for the full license terms - Wingetly itself does not charge for installation.

Does Zimbra Desktop work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Zimbra Desktop directly from the publisher.

How do I keep Zimbra Desktop up to date?

Run winget upgrade --id Synacor.ZimbraDesktop --exact, or winget upgrade --all to update everything winget tracks. We index 1 version of Zimbra Desktop from microsoft/winget-pkgs.