BlackBerry seems to have been mostly spared from the Heartbleed OpenSSL vulnerability. BlackBerry had to go through all their services and NOC to search for instances of OpenSSL and thankfully not much was found. BlackBerry has pushed a small update to BES 10 Work Connect Service which is using Apache Tomcat.
They also pushed out a fix for BBM on Android and iOS along with updating the Secure Work Space on Android and iOS. The only remaining vulnerabilities are BlackBerry Link from users on the same network.