Wireshark

by The Wireshark developer community, https://www.wireshark.orgv4.6.6

Last updated Jun 8, 2026

The world's most popular network protocol analyzer.

Install with winget

$ winget install --id WiresharkFoundation.Wireshark --exact --version 4.6.6

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Wireshark

Wireshark uses EXE (NSIS). The silent install switches are /S.

One-line silent install (x64, machine scope)

Wireshark-4.6.6-x64.exe /S

See the full silent install reference for Wireshark →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

Wireshark is the world's foremost network protocol analyzer. It lets you see what's happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Installers · v4.6.6

Architecture	Type	Scope	Download
x64	EXE NSIS	machine	Direct
x64	MSI WiX	machine	Direct
arm64	EXE NSIS	machine	Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

medium5.5Patched in wingetCVE-2026-9759affects before 4.4.16, 4.6.6May 27, 2026
ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service
Vendor advisory
medium5.5Patched in wingetCVE-2026-6525affects before 4.6.5May 2, 2026
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4
Patch Vendor advisory
high7.0Patched in wingetCVE-2026-5656affects before 4.4.15, 4.6.5May 1, 2026
Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution
Vendor advisory
high7.8Patched in wingetCVE-2026-5405affects before 4.4.15, 4.6.5May 1, 2026
RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution
Vendor advisory
medium4.7Patched in wingetCVE-2026-5404affects before 4.4.15, 4.6.5May 1, 2026
K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Vendor advisory
high7.8Patched in wingetCVE-2026-5403affects before 4.4.15, 4.6.5May 1, 2026
SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution
Vendor advisory
medium5.5Patched in wingetCVE-2026-6870affects >=4.6.0 and <=4.6.4Apr 30, 2026
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Vendor advisory
medium5.5Patched in wingetCVE-2026-6869affects >=4.6.0 and <=4.6.4Apr 30, 2026
WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Vendor advisory

Showing 8 of 25. Source: NVD, updated 7h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

WinDbgMicrosoft
Microsoft.WinDbgv1.2603.20001.0
WinDbg is a debugger that can be used to analyze crash dumps, debug live user-mode and kernel-mode code, and examine CPU registers and memory.
ReqableReqqable Inc.
Reqable.Reqablev3.1.3
Advanced API Debugging Proxy.
InterceptSuite StandardInterceptSuite
InterceptSuite.InterceptSuite.Standardv1.2.0
MITM proxy for TCP/TLS/DTLS/UDP traffic, with STARTTLS, IoT, Thick Client and more.
ProxifierVentoByte SL
VentoByte.Proxifierv4.14
Proxifier allows network applications that do not support working through proxy servers to operate through a SOCKS or HTTPS proxy and chains.
Progress Telerik Fiddler ClassicProgress Software Corporation
Telerik.Fiddler.Classicv5.0.20261.4301
The Original and Free Web Debugging Proxy Tool Exclusively for Windows
C
Charles ProxyXK72
XK72.Charlesv5.2.0.1
Web debugging proxy application

Frequently asked questions

How do I install Wireshark on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id WiresharkFoundation.Wireshark --exact --version 4.6.6. winget downloads the installer from The Wireshark developer community, https://www.wireshark.org and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Wireshark silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id WiresharkFoundation.Wireshark --exact 4.6.6 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Wireshark?

Wireshark uses EXE (NSIS). Run the downloaded installer with: Wireshark-4.6.6-x64.exe /S. The silent switches are /S.

How do I uninstall Wireshark via winget?

Run: winget uninstall --id WiresharkFoundation.Wireshark --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Wireshark's Apps & Features entry.

Is Wireshark free?

Wireshark is distributed under GPL-2.0. Refer to the publisher (https://www.wireshark.org/) for the full license terms - Wingetly itself does not charge for installation.

Does Wireshark work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Wireshark directly from the publisher.

How do I keep Wireshark up to date?

Run winget upgrade --id WiresharkFoundation.Wireshark --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of Wireshark from microsoft/winget-pkgs.

Recent versions

4.6.6latest
4.6.5
4.6.4
4.6.3
4.6.2
4.6.1
4.6.0
4.4.9
4.4.8
4.4.7