diff --git a/askama_parser/src/expr.rs b/askama_parser/src/expr.rs
index 50e719b2..8ad4d20f 100644
--- a/askama_parser/src/expr.rs
+++ b/askama_parser/src/expr.rs
@@ -1289,6 +1289,10 @@ impl<'a: 'l, 'l> TyGenerics<'a> {
 
         let p = ws((repeat(0.., ws('&')), path, opt(Self::args)));
         let ((refs, path, args), span) = p.with_span().parse_next(i)?;
+        let max_refs = 20;
+        if refs > max_refs {
+            return cut_error!(format!("too many references (> {max_refs})"), span);
+        }
 
         if let [name] = path.as_slice() {
             if matches!(**name, "super" | "self" | "crate") {
diff --git a/fuzzing/fuzz/artifacts/derive/clusterfuzz-testcase-minimized-derive-6696196543676416 b/fuzzing/fuzz/artifacts/derive/clusterfuzz-testcase-minimized-derive-6696196543676416
new file mode 100644
index 00000000..3b571591
Binary files /dev/null and b/fuzzing/fuzz/artifacts/derive/clusterfuzz-testcase-minimized-derive-6696196543676416 differ
diff --git a/testing/tests/ui/references.rs b/testing/tests/ui/references.rs
new file mode 100644
index 00000000..f0a2909f
--- /dev/null
+++ b/testing/tests/ui/references.rs
@@ -0,0 +1,7 @@
+use askama::Template;
+
+#[derive(Template)]
+#[template(source = "{{J::<&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&e>()}}", ext = "html")]
+struct X;
+
+fn main() {}
diff --git a/testing/tests/ui/references.stderr b/testing/tests/ui/references.stderr
new file mode 100644
index 00000000..b30e182a
--- /dev/null
+++ b/testing/tests/ui/references.stderr
@@ -0,0 +1,7 @@
+error: too many references (> 20)
+ --> <source attribute>:1:6
+       "&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&e>()}}"
+ --> tests/ui/references.rs:4:21
+  |
+4 | #[template(source = "{{J::<&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&e>()}}", ext = "html")]
+  |                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^