diff --git a/crates/collab/src/db/queries/users.rs b/crates/collab/src/db/queries/users.rs
index b884f276de..ff5c4d5c17 100644
--- a/crates/collab/src/db/queries/users.rs
+++ b/crates/collab/src/db/queries/users.rs
@@ -48,6 +48,9 @@ impl Database {
 
     /// Returns all users by ID. There are no access checks here, so this should only be used internally.
     pub async fn get_users_by_ids(&self, ids: Vec<UserId>) -> Result<Vec<user::Model>> {
+        if ids.len() >= 10000_usize {
+            return Err(anyhow!("too many users"))?;
+        }
         self.transaction(|tx| async {
             let tx = tx;
             Ok(user::Entity::find()