Survey on Vulnerability Detection Techniques for Smart Contract and DeFi Protocol

Fund Project:

National Key R&D Program of China (2022ZD0116800); National Natural Science Foundation of China (62141605, 62372493); China Postdoctoral Science Foundation (373500); Beijing Natural Science Foundation (Z230001); Advanced Innovation Center for Future Blockchain and Privacy Computing construction project (GJJ-23-001, GJJ-23-002); Beihang "Dare to Act" Action Plan (KG16336101)
    Abstract:

    As core programmable components of blockchain, smart contracts are responsible for asset management and the execution of complex business logic, and together they form decentralized finance (DeFi) protocols. However, with the rapid advancement of blockchain technology, security issues related to smart contracts and DeFi protocols have become increasingly prominent, attracting numerous attackers seeking to exploit vulnerabilities for illicit gains. In recent years, several major security incidents involving smart contracts and DeFi protocols have highlighted the importance of vulnerability detection research, making it a critical area for security defense. This study systematically reviews existing literature and proposes a comprehensive framework for research on vulnerability detection in smart contracts and DeFi protocols. Specifically, vulnerabilities and detection techniques are categorized and analyzed for both domains. For smart contracts, the study focuses on the application of large language models (LLMs) as primary detection engines and their integration with traditional methods. For DeFi protocols, it categorizes and details various protocol-level vulnerabilities and their detection methods and analyzes the strengths and limitations of detection strategies before and after attacks, which addresses gaps in existing reviews on DeFi vulnerability detection. Finally, this study summarizes the challenges faced by current detection approaches and outlines future research directions, aiming to provide new insights and theoretical support for the security detection of smart contracts and DeFi protocols.

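Cite this article

揭晚晴, 邱望洁, 黄鑫鹏, 杨浩甫, 赵冠球, 张沁楠, 夏清, 郑宏威, 郑志明. Survey on Vulnerability Detection Techniques for Smart Contract and DeFi Protocol. Journal of Software (软件学报), 2026, 37(1): 344-377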

History
  • Received: 2024-11-13
  • Last revised: 2024-12-26
  • Published online: 2025-09-24