diff --git a/changelog.d/12101.misc b/changelog.d/12101.misc
new file mode 100644
index 000000000000..d165f73d13e8
--- /dev/null
+++ b/changelog.d/12101.misc
@@ -0,0 +1 @@
+Limit the size of `aggregation_key` on annotations.
diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index 61cb133ef265..0799ec9a84df 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -1069,6 +1069,9 @@ async def _validate_event_relation(self, event: EventBase) -> None:
         if relation_type == RelationTypes.ANNOTATION:
             aggregation_key = relation["key"]
 
+            if len(aggregation_key) > 500:
+                raise SynapseError(400, "Aggregation key is too long")
+
             already_exists = await self.store.has_user_annotated_event(
                 relates_to, event.type, aggregation_key, event.sender
             )