Wireshark 4.6.3 Release Notes

What is Wireshark?

Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.

Wireshark is hosted by the Wireshark Foundation, a nonprofit which promotes protocol analysis education. Wireshark and the foundation depend on your contributions in order to do their work. If you or your organization would like to contribute or become a sponsor, please visit wiresharkfoundation.org.

If you use Wireshark professionally or you just want to learn more about protocol analysis, you should join us at SharkFest, the Wireshark developer and user conference.

You can also become a Wireshark Certified Analyst! Official Wireshark training and certification are available from the Wireshark Foundation.

What's New

Bug Fixes

The following vulnerabilities have been fixed:

• [wnpa-sec-2026-01] BLF file parser crash. Bug 20880.
• [wnpa-sec-2026-02] IEEE 802.11 dissector crash. Bug 20939.
• [wnpa-sec-2026-03] SOME/IP-SD dissector crash. Bug 20945.
• [wnpa-sec-2026-04] HTTP3 dissector infinite loop. Bug 20944.

The following bugs have been fixed:

• Wireshark 4.6.0 build fails on Solaris: pcapio.c:441:21: error: request for member '_flag' in something not a structure or union. Bug 20773.
• RTP Player streams cannot be stopped. Bug 20879.
• Additional ABI/API compatibility fixes. Bug 20881.
• Missing data in pinfo->cinfo in HomePlug message CM_ATTEN_CHAR.IND. Bug 20893.
• maxmind_db: crash when switching from a profile where it's disabled to one where it's enabled. Bug 20903.
• Compilation warning or error if CFLAGS defines _FORTIFY_SOURCE to other than 3 without first undefining it. Bug 20904.
• IEEE 802.11: Incorrect parsing of QoS and Mesh Control Field when the frame body contains an A-MSDU. Bug 20905.
• OSS-Fuzz 473164101: Heap-buffer-overflow in dissect_idn_laser_data. Bug 20936.
• Bug in decoding 5G NAS message - Extended CAG information list IE. Bug 20946.

Getting Wireshark

Wireshark source code and installation packages are available from https://www.wireshark.org/download.html.

Vendor-supplied Packages

Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

File Locations

Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use Help › About Wireshark › Folders or tshark -G folders to find the default locations on your system.

Getting Help

The User's Guide, manual pages and various other documentation can be found at https://www.wireshark.org/docs/.

Community support is available on Wireshark's Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark's mailing lists can be found on the mailing list site.

Bugs and feature requests can be reported on the issue tracker.

You can learn protocol analysis and meet Wireshark's developers at SharkFest.

How You Can Help

The Wireshark Foundation helps as many people as possible understand their networks as much as possible. You can find out more and donate at wiresharkfoundation.org.

Frequently Asked Questions

A complete FAQ is available on the Wireshark web site.